
4 matches found

Exploit DB
added 2008/05/29 12:0 a.m., 27 views

SyntaxCMS 1.3 - 'FCKeditor' Arbitrary File Upload

Special thanks to EgiX for the exploit code. author...: Stack mail.....: Ev!L descr: if the web site changes the name of the path or the path is /public/ you can delete /public/ in the exploit in the line: "POST $pathpublic/fckeditor/editor/filemanager/upload/php/upload.php - vulnerable code in...

AI score: 7.4
Exploits: 0

Packet Storm
added 2008/05/29 12:0 a.m., 19 views

syntaxcms-upload.txt

Special thanks to EgiX for the exploit code. author...: Stack mail.....: Ev!L descr: if the web site changes the name of the path or the path is /public/ you can delete /public/ in the exploit in the line: "POST $pathpublic/fckeditor/editor/filemanager/upload/php/upload.php - vulnerable code in...

AI score: 7.4
Exploits: 0

Prion
added 2007/10/01 5:17 a.m., 14 views

Design/Logic Flaw

Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php."...

CVSS: 7.5, AI score: 7.5, EPSS: 0.49675
Exploits: 2, References: 19, Affected Software: 4

CVE
added 2007/10/01 12:0 a.m., 95 views

CVE-2007-5156

CVE-2007-5156 references an incomplete blacklist vulnerability in FCKeditor’s editor/filemanager/upload/php/upload.php, used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and other products. The flaw allows remote attackers to upload and execute arbitrary PHP code by submitting a...

CVSS: 7.5, AI score: 7.2, EPSS: 0.49675
Exploits: 1, References: 19, Affected Software: 4