A vulnerability was found in ChrisHurst Simple Backup 2.7.11 . It has been rated as critical . This affects an unknown function of the file tools.php . The manipulation of the argument download_backup_file leads to path traversal. This vulnerability is referenced as CVE-2016-20076 . Remote exploitation of the attack is possible. Furthermore, an exploit is available.