Lucene search
K

696 matches found

CVE
CVE
added 2006/02/13 11:0 a.m.57 views

CVE-2006-0658

Vulnerability family: incomplete blacklist in FCKeditor. Affected: FCKeditor 2.0/2.2 as used in RunCMS and related products. Issue: remote attackers can upload and execute arbitrary script files by using extensions not listed in Config[DeniedExtensions][File] (e.g., .php.txt) due to inadequate ex...

5CVSS7AI score0.06744EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2006/02/13 11:0 a.m.40 views

CVE-2006-0658

Removed by vendor...

5CVSS6.7AI score0.06744EPSS
Exploits1
securityvulns
securityvulns
added 2006/02/13 12:0 a.m.37 views

runCMS <= 1.3a2 possible remote code execution through the integrated FCKEditor package

--- RunCMS = 1.3a2 remote code execution ------------------------------------ software: site: http://www.runcms.org/public/modules/news/ description: "RUNCMS E-Xoops is a extensible content management system based on the v1 core of Xoops"...

1.7AI score
Exploits0
securityvulns
securityvulns
added 2006/02/10 12:0 a.m.57 views

[SA18767] FCKeditor File Upload Vulnerability

TITLE: FCKeditor File Upload Vulnerability SECUNIA ADVISORY ID: SA18767 VERIFY ADVISORY: http://secunia.com/advisories/18767/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote SOFTWARE: FCKeditor 2.x http://secunia.com/product/7973/ DESCRIPTION: rgod has discovered a...

1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/02/09 12:0 a.m.180 views

FCKEditor 2.0 < 2.2 - 'FileManager connector.php' Arbitrary File Upload

a short explaination: if a user cam call directly http://target/path/editor/filemanager/browser/default/connectors/php/connector.php he can upload malicious contempt on a target server, including arbitrary php code, and launch commands on it this works when php connector is enabled in config.php...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/02/09 12:0 a.m.71 views

RunCMS 1.2 - class.forumposts.php Remote File Inclusion

RunCMS 1.2 - class.forumposts.php Remote File Inclusion ?php ---runcms13axpl.php 17.30 09/02/2006 RunCMS = 1.2 arbitrary remote inclusion exploit " = 1.3a shell upload through FCKEditor coded by rgod site: http://retrogod.altervista.org usage: launch from Apache, fill in requested fields, then go...

0.1AI score
Exploits0
0day.today
0day.today
added 2006/02/09 12:0 a.m.145 views

FCKEditor 2.0 <= 2.2 (connector.php) Remote Shell Upload Exploit

Exploit for unknown platform in category web applications ================================================================ FCKEditor 2.0 a short explaination: if a user cam call directly http://target/path/editor/filemanager/browser/default/connectors/php/connector.php he can upload malicious...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/02/09 12:0 a.m.89 views

RunCMS &lt;= 1.2 (class.forumposts.php) Arbitrary Remote Inclusion Exploit

No description provided by source. ?php ---runcms13axpl.php 17.30 09/02/2006 RunCMS = 1.2 arbitrary remote inclusion exploit " = 1.3a shell upload through FCKEditor coded by rgod site: http://retrogod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "But when...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/02/09 12:0 a.m.16 views

FCKEditor 2.0 2.2 - FileManager connector.php Arbitrary File Upload

FCKEditor 2.0 2.2 - FileManager connector.php Arbitrary File Upload a short explaination: if a user cam call directly http://target/path/editor/filemanager/browser/default/connectors/php/connector.php he can upload malicious contempt on a target server, including arbitrary php code, and launch...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2006/02/09 12:0 a.m.31 views

FCKEditor 2.0 &lt;= 2.2 (connector.php) Remote Shell Upload Exploit

No description provided by source. ?php ---fckeditor22xpl.php 15.38 04/12/2005 FCKEditor 2.0 = 2.2 shell upload coded by rgod site: http://retrogod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Security against defeat implies defensive tactics; ability to...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/02/09 12:0 a.m.250 views

RunCMS <= 1.2 (class.forumposts.php) Arbitrary Remote Inclusion Exploit

Exploit for unknown platform in category web applications ======================================================================= RunCMS = 1.2 class.forumposts.php Arbitrary Remote Inclusion Exploit ======================================================================= ?php ---runcms13axpl.php...

7.1AI score
Exploits0
CVE
CVE
added 2005/03/03 5:0 a.m.62 views

CVE-2005-0613

CVE-2005-0613 concerns an vulnerability in the FCKeditor 2.0 RC2 when used with PHP-Nuke, allowing remote attackers to upload arbitrary files. The issue is evidenced across multiple sources in the connected documents, which identify the affected component as the FCKeditor add-on for PHP-Nuke and ...

5CVSS6.9AI score0.04601EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2005/03/03 5:0 a.m.23 views

CVE-2005-0613

Unknown vulnerability in FCKeditor 2.0 RC2, when used with PHP-Nuke, allows remote attackers to upload arbitrary files...

6.8AI score0.04601EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/03/01 12:0 a.m.58 views

FCKeditor for PHP-Nuke Arbitrary File Upload

The remote host is running a version of the FCKeditor add-on for PHP-Nuke that allows a remote attacker to upload arbitrary files and run them in the context of the web server user. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

5CVSS5.7AI score0.04601EPSS
Exploits0References1
NVD
NVD
added 2005/02/28 5:0 a.m.23 views

CVE-2005-0613

Unknown vulnerability in FCKeditor 2.0 RC2, when used with PHP-Nuke, allows remote attackers to upload arbitrary files...

5CVSS6.8AI score0.04601EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/02/28 12:0 a.m.21 views

FCKeditor with PHPNuke connector.php File Upload

Binary data 2661.prm...

5CVSS7.3AI score0.04601EPSS
Exploits0References1
Rows per page
Query Builder