Exploitation Summary
EIP tracks 1 public exploit for CVE-2010-3456. PoCs published by Kazza.
AI-analyzed exploit summary This is a writeup describing a Local File Inclusion (LFI) vulnerability in ES Simple Download v1.0. It provides details on how to exploit the vulnerability by manipulating the 'file' parameter in the download.php script to access sensitive files like config.php.
Description
Directory traversal vulnerability in download.php in EnergyScripts (ES) Simple Download 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Exploits (1)
This is a writeup describing a Local File Inclusion (LFI) vulnerability in ES Simple Download v1.0. It provides details on how to exploit the vulnerability by manipulating the 'file' parameter in the download.php script to access sensitive files like config.php.