• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Modx FileDownload Snippet Arbitrary File Download Vulnerability

FileDownload is prone to an issue that allows an attacker to download arbitrary files.

The attacker can exploit this issue to obtain sensitive information and download arbitrary files from the webserver.

FileDownload versions prior to 2.5 are vulnerable to this issue.