The exploit demonstrates an arbitrary file download vulnerability in FTP2FTP 1.0 via the 'id' parameter in 'download2.php', allowing attackers to read sensitive files using directory traversal. The PoC includes a functional example URL to exploit the flaw.
Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:FTP2FTP 1.0
No auth needed
Prerequisites:Access to the vulnerable 'download2.php' endpoint