Showing 1 - 4 of 4

CVE-2009-2265

Status Candidate

Overview

Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.

Related Files

Adobe ColdFusion 8 Remote Command Execution: Posted Jun 24, 2021; Authored by Pergyz; Adobe ColdFusion 8 remote command execution exploit.; tags | exploit, remote; advisories | CVE-2009-2265; SHA-256 | 2641dc8dea746f5bc8e25940e7ce8a00223a7fa63b29a5e18fae874ce86d1220; Download | Favorite | View

ColdFusion 8.0.1 Arbitrary File Upload And Execute: Posted Nov 3, 2010; Authored by MC | Site metasploit.com; This Metasploit module exploits the Adobe ColdFusion 8.0.1 FCKeditor 'CurrentFolder' File Upload and Execute vulnerability.; tags | exploit, file upload; advisories | CVE-2009-2265; SHA-256 | ed8d1ef04d8a010a5d9547040860e7779a809135357782fe9bb61bda538a7295; Download | Favorite | View

Debian Linux Security Advisory 1836-1: Posted Jul 17, 2009; Authored by Debian | Site debian.org; Debian Security Advisory 1836-1 - Vinny Guido discovered that multiple input sanitising vulnerabilities in Fckeditor, a rich text web editor component, may lead to the execution of arbitrary code.; tags | advisory, web, arbitrary, vulnerability; systems | linux, debian; advisories | CVE-2009-2265; SHA-256 | 8aca73d4db5e9a83ca752db9f342ac157518676f56efb95cb2c291cfe066ef03; Download | Favorite | View

Open Source CERT Security Advisory 2009.7: Posted Jul 6, 2009; Authored by Andrea Barisani, Open Source CERT | Site ocert.org; FCKeditor, a web based open source HTML text editor, suffers from a remote file upload vulnerability. The input of several connector modules is not properly verified before being used, this leads to exposure of the contents of arbitrary directories on the server filesystem and allows file uploading to arbitrary locations. The affected code is remotely exposed before authentication. An attacker can exploit this vulnerability to install remote shells on the victim server among other things, it should be noted that this vulnerability is being actively exploited in the wild. Versions 2.6.4 and below are affected.; tags | advisory, remote, web, arbitrary, shell, file upload; advisories | CVE-2009-2265; SHA-256 | e8fb00e2c1d4004e9c9d5b6c8091560a3a8bc7b786b95c5a80061e93d79b8354; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 306 files
indoushka 132 files
Ubuntu 94 files
Gentoo 32 files
Debian 24 files
LiquidWorm 18 files
malvuln 8 files
Google Security Research 8 files
verylazytech 3 files
Seth Jenkins 3 files

File Archives

Systems

AIX (430)
Apple (2,117)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,144)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (391)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,627)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,101)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,931)
UNIX (9,469)
UnixWare (188)
Windows (6,784)
Other

CVE-2009-2265

Overview

Related Files

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems