Vdesk Hangupphp3 Exploit [upd] Jun 2026
VDesk stored session data in flat files within /tmp/ or /vdesk/sessions/ . The hangup.php3 script often accepted a session_id via GET or POST without sufficient sanitization.
VDesk stored session data in flat files within /tmp/ or /vdesk/sessions/ . The hangup.php3 script often accepted a session_id via GET or POST without sufficient sanitization.