CVE Certified
GHDB

inurl:"zendesk.com/attachments/token" site:zendesk.com

prev next

Google search: inurl:"zendesk.com/attachments/token" site:zendesk.com

Hits: 4812

Submited: 2013-08-08

zendesk is good ticketing system . It has thousands of clients. with the
above dork you can see the clients internal file attachments of the
tickets .

These file can be opened by anyone because they are not maintaining any
authentication token for this attachments

Internal source codes, doubts, ip's , passwords, can be disclosed in the
attachments