Dominus

**Name of the Vulnerable Software and Affected Versions** TorrentTrader Classic version 1.08 **Description** The issue concerns cross-site request forgery (CSRF) vulnerabilities in the account-inbox.php file. This allows remote attackers to perform certain actions as other users, such as sending messages. **Recommendations** For TorrentTrader Classic version 1.08, consider implementing CSRF protection mechanisms, such as token-based validation, to prevent unauthorized actions. As a temporary workaround, restrict access to the account-inbox.php file to minimize the risk of exploitation.