This exploit demonstrates an unauthenticated database backup disclosure vulnerability in Asaher Pro v1.0.4. Accessing the admin_backup.php endpoint directly allows attackers to download the database without authentication.
Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:Asaher Pro v1.0.4
No auth needed
Prerequisites:Network access to the target web application