Web Directory Pro bypass Vulnerabilities

Web Directory Pro is product of hostingfrenzy.com I check latest version and detect some security holes, attackers can backup database or re-config system:

1. Backup database:
   http://[domain]/[path]/admin/backup_db.php
2. Re-config system:
   http://[domain]/[path]/admin/options.php
   Note: If IE cannot download bacup file, you can use firefox.
   The vendor was fixed but more sites can exploit.