phpMyBitTorrent contains a flaw that is triggered when certain user-supplied input passed via the 'staff_table' parameter is not properly sanitized in the staff.php script. This may allow a remote attacker to inject arbitrary PHP code to the cache file.
Remote / Network Access
Loss of Integrity
OSVDB is not aware of a solution for this vulnerability.