CVE-2006-7159

Publication date

2007-03-07 20:00:00

Family

mitre

State

PUBLISHED

Description

Directory traversal vulnerability in include/prune_torrents.php in BTI-Tracker 1.3.2 (aka btitracker) allows remote attackers to delete arbitrary files via ".." sequences in the TORRENTSDIR parameter in a prune action.