Open Bug Bounty Community Forum

Coordinated & Responsible Disclosure
https://www.openbugbounty.org/forum/

Arbitrary File Download

https://www.openbugbounty.org/forum/viewtopic.php?f=5&t=568

Page 1 of 1

Arbitrary File Download

Posted: Mon Oct 23, 2017 10:43 pm
by c0rtePentest
Does arbitrary file download is included in Improper Access Control?

For example i'm able to download server php files. This could leak database connections, credentials, etc.

Thanks.

Re: Arbitrary File Download

Posted: Tue Oct 24, 2017 8:21 am
by x1admin
c0rtePentest wrote:
Mon Oct 23, 2017 10:43 pm
 Does arbitrary file download is included in Improper Access Control?

For example i'm able to download server php files. This could leak database connections, credentials, etc.

Thanks.
pls report vulnerability we check and discuss
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/