Vulnerability Details CVE-2006-7159
Directory traversal vulnerability in include/prune_torrents.php in BTI-Tracker 1.3.2 (aka btitracker) allows remote attackers to delete arbitrary files via ".." sequences in the TORRENTSDIR parameter in a prune action.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.7%
CVSS Severity
CVSS v2 Score 6.4
References
- http://secunia.com/advisories/22322
- http://securityreason.com/securityalert/2377
- http://www.securityfocus.com/archive/1/447928/100/0/threaded
- http://www.securityfocus.com/bid/20422
- http://secunia.com/advisories/22322
- http://securityreason.com/securityalert/2377
- http://www.securityfocus.com/archive/1/447928/100/0/threaded
- http://www.securityfocus.com/bid/20422
Products affected by CVE-2006-7159
-
cpe:2.3:a:bti-tracker:bti-tracker:1.3.2
-
cpe:2.3:a:btitracker:btitracker:1.3.2