SECURITYVULNS:DOC:20449

TransLucid 1.75 (fckeditor) Remote Arbitrary File Upload

2008-09-04 00:00:00
vulners.com

########################## www.BugReport.ir #######################################

AmnPardaz Security Research Team

Title: TransLucid 1.75 (fckeditor) Remote Arbitrary File Upload

Vendor: www.translucidonline.com

Vulnerable Version: 1.75 (prior versions also may be affected)

Exploitation: Remote with browser

Exploit: Available

Impact: Medium

Fix: N/A

Original Advisory: http://www.bugreport.ir/index_51.htm

###################################################################################

####################
- Description:
####################

transLucid is a simple website publishing system with which anyone can
create and maintain web content, in multiple languages and based on a
growing list of ready-made, professional layouts.

####################
- Vulnerability:
####################

+-> FCKeditor Arbitrary File Upload

The FCKeditor file-manager connector bundled with TransLucid,

/editors/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php

can be reached by any remote client, without authentication, and accepts
file uploads. Uploaded files are written to the "/userdata" directory,
which lies inside the web root, so whatever is uploaded is afterwards
served by the web server. If the server also executes scripts from that
directory, an uploaded PHP file gives the attacker remote code execution.
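For a defender who wants to know whether this connector has been touched on their own hosts, here is an added example (not part of the advisory, of TransLucid or of FCKeditor) that classifies web-server access-log lines against the connector, test page and upload paths the advisory names. The log lines are constructed for the example; the connector command names FileUpload and CreateFolder are taken from the FCKeditor 2.x connector protocol rather than from this advisory, and the /transLucid_175 install prefix is assumed.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Connector path from the advisory, relative to the TransLucid install directory.
CONNECTOR_PATH = ("/editors/FCKeditor/editor/filemanager/browser/default/"
                  "connectors/php/connector.php")
# The connector's bundled test page, which the advisory cites as the exploit.
TEST_PAGE_PATH = ("/editors/FCKeditor/editor/filemanager/browser/default/"
                  "connectors/test.html")
# Upload target from the advisory; it sits inside the web root.
UPLOAD_DIR = "/userdata/"

# FCKeditor 2.x connector commands that write to disk. These names come from
# the FCKeditor connector protocol, not from the advisory (assumption).
WRITE_COMMANDS = {"FileUpload", "CreateFolder"}
# Extensions a typical PHP host hands to the interpreter.
SCRIPT_EXTENSIONS = (".php", ".php3", ".php4", ".php5", ".phtml")

# Apache/nginx "combined"-style access-log line: client, timestamp, request, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)


def classify(line):
    """Return a finding label for one access-log line, or None if it is benign."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    path = parts.path
    command = parse_qs(parts.query).get("Command", [None])[0]

    if path.endswith(CONNECTOR_PATH):
        # A write command means a file or folder was created under /userdata
        # by whoever sent the request; any other command is still a probe.
        return "connector_write" if command in WRITE_COMMANDS else "connector_access"
    if path.endswith(TEST_PAGE_PATH):
        return "connector_test_page"
    if UPLOAD_DIR in path.lower() and path.lower().endswith(SCRIPT_EXTENSIONS):
        # A script requested from the upload directory: an uploaded file is
        # being executed, which is the worst-case outcome of this bug.
        return "userdata_script_request"
    return None


def scan(log_text):
    """Return (client_ip, label, request_target) for every suspicious log line."""
    findings = []
    for line in log_text.splitlines():
        label = classify(line)
        if label:
            m = LOG_RE.match(line)
            findings.append((m.group("ip"), label, m.group("target")))
    return findings


# Constructed sample log (not real traffic): one client walking through the
# advisory's steps against an install under /transLucid_175.
SAMPLE_LOG = """\
203.0.113.5 - - [04/Sep/2008:10:12:01 +0000] "GET /transLucid_175/index.php HTTP/1.1" 200 5120
203.0.113.5 - - [04/Sep/2008:10:12:07 +0000] "GET /transLucid_175/editors/FCKeditor/editor/filemanager/browser/default/connectors/test.html HTTP/1.1" 200 2210
203.0.113.5 - - [04/Sep/2008:10:12:20 +0000] "GET /transLucid_175/editors/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php?Command=GetFoldersAndFiles&Type=File&CurrentFolder=/ HTTP/1.1" 200 318
203.0.113.5 - - [04/Sep/2008:10:12:33 +0000] "POST /transLucid_175/editors/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php?Command=FileUpload&Type=File&CurrentFolder=/ HTTP/1.1" 200 96
203.0.113.5 - - [04/Sep/2008:10:12:41 +0000] "GET /transLucid_175/userdata/cmd.php?c=id HTTP/1.1" 200 64
"""

if __name__ == "__main__":
    for ip, label, target in scan(SAMPLE_LOG):
        print(f"{label:24} {ip} {target}")
```

Run it against a real access log by replacing SAMPLE_LOG with the file contents; a "connector_write" followed by a "userdata_script_request" from the same client is the sequence to treat as a compromise rather than a scan.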

####################
- Exploit:
####################

http://example.com/transLucid_175/editors/FCKeditor/editor/filemanager/browser/default/connectors/test.html

####################
- Solution:
####################

No vendor fix is available. Until one is, restrict the editor and its
connector to trusted, authenticated users only: place the
/editors/FCKeditor/editor/filemanager/browser/default/connectors/
directory behind the application's login or the web server's access
control, remove the bundled test.html, and disable the PHP connector
outright if the file manager is not needed. As a second layer, configure
the web server not to execute scripts from /userdata, so that an uploaded
file cannot be run even if an upload succeeds.

####################