inurl:"zendesk.com/attachments/token" site:zendesk.com

• SHDB
• 2086 阅读

• 日期：2013-08-08
• 类别：
  • Files Containing Juicy Info
• 作者：anonymous
• 语法：inurl:"zendesk.com/attachments/token" site:zendesk.com

• zendesk is good ticketing system . It has thousands of clients. with the

  above dork you can see the clients internal file attachments of the

  tickets .

  These file can be opened by anyone because they are not maintaining any

  authentication token for this attachments

  Internal source codes, doubts, ip's , passwords, can be disclosed in the

  attachments