This exploit demonstrates a remote file disclosure vulnerability in ARWScripts software. It uses a base64-encoded path traversal payload to retrieve arbitrary files, such as /etc/passwd, via the 'viewfile.php' script.
Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:ARWScripts (version unspecified)
No auth needed
Prerequisites:Access to the vulnerable 'viewfile.php' endpoint