smartftp.txt
I found a bug in the SmartFTP-D Server which will give an attacker full access to the server, if he has the right to write files on the server. For every user, the program is checking if a special Userfile exists Sample: Username=hacker & Userfile=hacker.FTPUser. If it exists, the configuration,...