2 matches found
Adobe ColdFusion FCKeditor Input Validation Flaw Arbitrary File Upload (CVE-2008-6178; CVE-2009-2265)
A vulnerability has been reported in Adobe Systems ColdFusion that could allow remote users to upload files in arbitrary directories potentially leading to a system compromise. The vulnerability is due to an input validation error in the FCKeditor which is embedded in ColdFusion 8. Remote attacke...
CVE-2008-6178
The CVE-2008-6178 issue is a vulnerability in FCKeditor 2.2’s editor/filemanager/browser/default/connectors/php/connector.php where FileUpload accepts a file with PHP content masquerading as an image (via a ZIP header) and stores it under UserFiles/File/, enabling remote code execution. Affected ...