The exploit demonstrates a directory traversal vulnerability in The Uploader 2.0.4, allowing remote file disclosure via the 'filename' parameter in 'api/download_launch.php'. The PoC shows how to read arbitrary files (e.g., '/etc/passwd') by manipulating the path.
Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:The Uploader 2.0.4
No auth needed
Prerequisites:Target must have The Uploader 2.0.4 installed · The 'api/download_launch.php' endpoint must be accessible