translucid-upload.txt

Date: 03 Sep 2008 00:00:00
Reported by: AmnPardaz Security Research Team
Type: packetstorm
Source: packetstormsecurity.com

TransLucid 1.75 remote arbitrary file upload vulnerability in FCKeditor

`########################## www.BugReport.ir #######################################  
#  
# AmnPardaz Security Research Team  
#  
# Title: TransLucid 1.75 (fckeditor) Remote Arbitrary File Upload  
# Vendor: www.translucidonline.com  
# Vulnerable Version: 1.75 (prior versions also may be affected)  
# Exploitation: Remote with browser  
# Exploit: Available  
# Impact: Medium  
# Fix: N/A  
# Original Advisory: http://www.bugreport.ir/index_51.htm  
###################################################################################  
  
####################  
- Description:  
####################  
  
transLucid is the simple website publishing system with which anyone can create and maintain web content, in multiple languages and based on a  
growing list of ready-made, professional layouts.  
  
####################  
- Vulnerability:  
####################  
  
+--> Fckeditor Arbitrary File Upload  
  
The problem is that it is possible to upload files to a location inside the web root "/userdata" via the  
  
/editors/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php script.  
  
  
####################  
- Exploit:  
####################  
  
http://example.com/transLucid_175/editors/FCKeditor/editor/filemanager/browser/default/connectors/test.html  
  
####################  
- Solution:  
####################  
  
Restrict access to these resources and grant it only to trusted users.  
  
####################  
- Credit :  
####################  
AmnPardaz Security Research & Penetration Testing Group  
Contact: admin[4t}bugreport{d0t]ir  
WwW.BugReport.ir  
WwW.AmnPardaz.com  
  
  
`
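
A defender-side check for the exposure described in the advisory, as an added example (not part of the original advisory or of the TransLucid or FCKeditor code): it scans web-server access logs for requests to the connector paths named above and for script files later served from /userdata. The combined log format, the script-extension list and every sample line are assumptions constructed for illustration.

```python
import re
# Paths taken from the advisory; the install prefix (/transLucid_175 here) varies.
CONNECTORS = "/editors/fckeditor/editor/filemanager/browser/default/connectors/"
UPLOAD_DIR = "/userdata/"
# Assumption: extensions this server passes to an interpreter. Adjust to local config.
SCRIPT_EXT = (".php", ".php3", ".php4", ".php5", ".phtml")
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+) [^"]*" (\d{3}) ')

def classify(line):
    """Return (ip, finding, status) for a relevant access-log line, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, method, target, status = m.groups()
    # Normalise so case and doubled slashes do not hide the path; drop the query.
    path = re.sub(r"/{2,}", "/", target.split("?", 1)[0]).lower()
    if CONNECTORS in path:
        if path.endswith("/test.html"):
            return ip, "test-page", int(status)
        if path.endswith("/php/connector.php") and method == "POST":
            return ip, "connector-post", int(status)
    elif UPLOAD_DIR in path and path.endswith(SCRIPT_EXT):
        return ip, "userdata-script", int(status)

def scan(lines):
    """Return (findings, clients that POSTed to the connector and later got a 2xx script)."""
    findings, posted, escalate = [], set(), set()
    for hit in filter(None, map(classify, lines)):
        findings.append(hit)
        ip, kind, status = hit
        if kind == "connector-post" and 200 <= status < 300:
            posted.add(ip)
        elif kind == "userdata-script" and 200 <= status < 300 and ip in posted:
            escalate.add(ip)
    return findings, escalate

# Constructed sample lines (combined log format, documentation IP ranges).
FMT = '{} - - [03/Sep/2008:10:00:00 +0000] "{} /transLucid_175{} HTTP/1.1" {} 512 "-" "-"'
CONN = "/editors/FCKeditor/editor/filemanager/browser/default/connectors"
SAMPLE = [FMT.format(*row) for row in [
    ("192.0.2.10", "GET", CONN + "/test.html", 200),
    ("192.0.2.10", "POST", CONN + "/php/connector.php", 200),
    ("192.0.2.10", "GET", "/userdata/sample.php", 200),
    ("198.51.100.7", "GET", "/userdata/logo.png", 200),
    ("198.51.100.7", "GET", "/" + CONN.upper() + "/test.html", 404),
    ("203.0.113.5", "GET", "/userdata/old.php", 200),
]]
if __name__ == "__main__":
    print(scan(SAMPLE))
```

A script under /userdata that is served without a preceding connector POST (the last sample line) is still reported as a finding, but only the POST-then-script sequence from one client is escalated.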
