It is reported that Blog Torrent is prone to a remote directory traversal vulnerability. This issue is due to a failure of the server process to properly filter user supplied input.
Blog Torrent preview 0.8 version is affected by this vulnerability.
Blog Torrent btdownload.php file Variable Traversal Arbitrary File Retrieval
Remote / Network Access
Loss of Confidentiality
Blog Torrent contains a flaw that allows a remote attacker to access files outside of the web path. The issue is due to the btdownload.php script not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the file variable.
Upgrade to version 0.81 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.