TorrentFlux 2.2 (downloaddetails.php) Local File Disclosure Exploit

No description provided by source. Description: TorrentFlux fails to sanitise the variable "alias" in downloaddetails.php. This allows an attacker to include any file they want; the contents is displayed at in the spaces provided and the remaning data is displayed as error messages on the page...