inurl:"zendesk.com/attachments/token" site:zendesk.com

GHDB-ID:

3854

Author:

anonymous

Google Dork Description:

inurl:"zendesk.com/attachments/token" site:zendesk.com

zendesk is good ticketing system . It has thousands of clients. with the

above dork you can see the clients internal file attachments of the

tickets .



These file can be opened by anyone because they are not maintaining any

authentication token for this attachments



Internal source codes, doubts, ip's , passwords, can be disclosed in the

attachments