header-logo
Suggest Exploit
vendor:
Uploaderr
by:
DigitALL
7.8
CVSS
HIGH
Shell Upload Vulnerability
78
CWE
Product Name: Uploaderr
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE: CVE-2020-12345
CPE: a:uploaderr:uploaderr:1.0
Metasploit: N/A
Other Scripts: https://www.infosecmatter.com/nessus-plugin-library/?id=142058https://www.infosecmatter.com/nessus-plugin-library/?id=106846https://www.infosecmatter.com/nessus-plugin-library/?id=106845https://www.infosecmatter.com/metasploit-module-library/?mm=auxiliary/dos/hp/data_protector_rdshttps://www.infosecmatter.com/metasploit-module-library/?mm=exploit/windows/tftp/attftp_long_filenamehttps://www.infosecmatter.com/nessus-plugin-library/?id=94365https://www.infosecmatter.com/metasploit-module-library/?mm=auxiliary/dos/windows/http/ms10_065_ii6_asp_doshttps://www.infosecmatter.com/metasploit-module-library/?mm=exploit/windows/misc/nettransporthttps://www.infosecmatter.com/metasploit-module-library/?mm=auxiliary/dos/http/apache_range_doshttps://www.infosecmatter.com/metasploit-module-library/?mm=auxiliary/scanner/udp/udp_amplification
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2020

Uploaderr – File Hosting Script Shell Upload Vulnerability

Uploaderr is a file hosting script that is vulnerable to a shell upload vulnerability. An attacker can upload a malicious shell to the /uploads/ directory and gain access to the server. This vulnerability has a CVSS score of 9.3 and is assigned CVE-2020-12345.

Mitigation:

The best way to mitigate this vulnerability is to ensure that the server is properly configured to prevent the upload of malicious files. Additionally, it is recommended to regularly monitor the server for any suspicious activity.
Source

Exploit-DB raw data:

# Exploit Title: Uploaderr - File Hosting Script Shell Upload Vulnerability

# Author: DigitALL

# Vendor:  http://uploaderr.com

# Version: 1.0

# Greetz: Zombie KroNickq HackSpy and ALL 1923Turk.Biz Members

# Dork: "Instant Free File Uploader"

# Application: Please Add Files ( Your Shell ) And Upload.

# Shell : /uploads/  one back dir find .php files and go :)

Navigation

Suggest Exploit

Services By CQR