Arbitrary File Download
Posted: Mon Oct 23, 2017 10:43 pm
Does arbitrary file download is included in Improper Access Control?
For example i'm able to download server php files. This could leak database connections, credentials, etc.
Thanks.
For example i'm able to download server php files. This could leak database connections, credentials, etc.
Thanks.