CVE-2008-6178
Falt4 CMS RC4 - 'FCKeditor' Arbitrary File Upload
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
Unrestricted file upload vulnerability in editor/filemanager/browser/default/connectors/php/connector.php in FCKeditor 2.2, as used in Falt4 CMS, Nuke ET, and other products, allows remote attackers to execute arbitrary code by creating a file with PHP sequences preceded by a ZIP header, uploading this file via a FileUpload action with the application/zip content type, and then accessing this file via a direct request to the file in UserFiles/File/, probably a related issue to CVE-2005-4094. NOTE: some of these details are obtained from third party information.
Vulnerabilidad de envĂo de archivo no restringido en editor/filemanager/browser/default/connectors/php/connector.php en FCKeditor v2.2 en Falt4 CMS, Nuke ET, y otros productos, lo que permite a atacantes remotos ejecutar codigo a su eleccion mediante la creacion de un fichero con secuencias PHP precedidas de un encabezado ZIP, subiendo este fichero a traves la accion FileUpload, y despues accediendo al fichero a traves de una peticion directa del fichero en UserFiles/File/, probablemente relacionado con CVE-2005-4094. NOTA: Algunos detalles fueron obtenidos de una tercera parte.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-10-18 First Exploit
- 2009-02-19 CVE Reserved
- 2009-02-19 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://www.vupen.com/english/advisories/2009/0447 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/48769 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/8060 | 2024-08-07 | |
| https://www.exploit-db.com/exploits/6783 | 2008-10-18 | |
| http://www.securityfocus.com/bid/31812 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/33973 | 2017-09-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Fckeditor Search vendor "Fckeditor" | Fckeditor Search vendor "Fckeditor" for product "Fckeditor" | 2.0rc2 Search vendor "Fckeditor" for product "Fckeditor" and version "2.0rc2" | - |
Affected
| ||||||
| Fckeditor Search vendor "Fckeditor" | Fckeditor Search vendor "Fckeditor" for product "Fckeditor" | 2.0rc3 Search vendor "Fckeditor" for product "Fckeditor" and version "2.0rc3" | - |
Affected
| ||||||
| Fckeditor Search vendor "Fckeditor" | Fckeditor Search vendor "Fckeditor" for product "Fckeditor" | 2.2 Search vendor "Fckeditor" for product "Fckeditor" and version "2.2" | - |
Affected
| ||||||
| Fckeditor Search vendor "Fckeditor" | Fckeditor Search vendor "Fckeditor" for product "Fckeditor" | 2.3beta Search vendor "Fckeditor" for product "Fckeditor" and version "2.3beta" | - |
Affected
| ||||||
| Fckeditor Search vendor "Fckeditor" | Fckeditor Search vendor "Fckeditor" for product "Fckeditor" | 2.4.3 Search vendor "Fckeditor" for product "Fckeditor" and version "2.4.3" | - |
Affected
| ||||||
| Phplist Search vendor "Phplist" | Phplist Search vendor "Phplist" for product "Phplist" | 2.10.1 Search vendor "Phplist" for product "Phplist" and version "2.10.1" | - |
Affected
| ||||||
| Phplist Search vendor "Phplist" | Phplist Search vendor "Phplist" for product "Phplist" | 2.10.2 Search vendor "Phplist" for product "Phplist" and version "2.10.2" | - |
Affected
| ||||||
| Phplist Search vendor "Phplist" | Phplist Search vendor "Phplist" for product "Phplist" | 2.10.3 Search vendor "Phplist" for product "Phplist" and version "2.10.3" | - |
Affected
| ||||||
| Phplist Search vendor "Phplist" | Phplist Search vendor "Phplist" for product "Phplist" | 2.10.4 Search vendor "Phplist" for product "Phplist" and version "2.10.4" | - |
Affected
| ||||||
| Phplist Search vendor "Phplist" | Phplist Search vendor "Phplist" for product "Phplist" | 2.10.5 Search vendor "Phplist" for product "Phplist" and version "2.10.5" | - |
Affected
| ||||||
| Phplist Search vendor "Phplist" | Phplist Search vendor "Phplist" for product "Phplist" | 2.10.6 Search vendor "Phplist" for product "Phplist" and version "2.10.6" | - |
Affected
| ||||||