Agent Tesla Botnet - Information Disclosure Vulnerability

Tesla Botnet Information discloser vulnerability

The exploit of the day today is a one year old Vulnerability.
A vulnerability for the popular keylogger Tesla( has been released.

The website( is currently down, is this due to this vulnerability? Most likely.

The vulnerability lays in the WebPanel/server_side/scripts/server_processing.php PHP file in the web form
Vulnerable Code:

$table = $_GET['table'];

// Table's primary key
$primaryKey = $_GET['primary'];

	$where = base64_decode($_GET['where']);
	$where = "";

$idArray = unserialize(urldecode($_GET['clmns']));


curl "" -XGET -v

Read more: