Easyndexer Arbitrary File Download Vulnerability
Vulnerability
An arbitrary file download vulnerability has been identified in Easyndexer version 1.0. The script showtif.php takes a file name from the file parameter of a POST request and returns that file to the client without requiring authentication and without restricting the path to the files it is meant to serve. An unauthenticated attacker can therefore supply the path of any file the web server process is allowed to read and download it, including system configuration and initialization files.
Impact
Successful exploitation gives an unauthenticated attacker read access to any file on the server that the web server account can open. Configuration and initialization files recovered this way may contain credentials, internal hostnames or other secrets that can be used to mount further attacks against the server and the systems it connects to.
Reproduction
To reproduce this vulnerability, send a POST request to showtif.php with the file parameter set to the path of a file outside the directory the script is intended to serve. Include the headers a browser would send with a form submission (User-Agent, Accept and Content-Type: application/x-www-form-urlencoded). If the vulnerability is present, the server responds with the requested file as an attachment (Content-Disposition: attachment) and the file's contents in the response body. Confirm the finding by checking the body for content you expect in the requested file rather than relying on the Content-Disposition header alone, since an error page can also be served as an attachment.
