|
|
FCKeditor 'CurrentFolder' Parameter Arbitrary File Upload Vulnerability
|
Bugtraq ID:
|
31812
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2009-2265
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Oct 18 2008 12:00AM
|
|
Updated:
|
Aug 21 2009 03:56PM
|
|
Credit:
|
EgiX and Batter
|
|
Vulnerable:
|
Zope Zope.html 1.1
Tru-Zone NukeET 3.4
RedHat Fedora 11
RedHat Fedora 10
PHPList PHPList 2.10.6
PHPList PHPList 2.10.5
PHPList PHPList 2.10.4
PHPList PHPList 2.10.3
PHPList PHPList 2.10.2
PHPList PHPList 2.10.1
FCKeditor FCKeditor 2.6.4
FCKeditor FCKeditor 2.4.3
FCKeditor FCKeditor 2.0 rc3
FCKeditor FCKeditor 2.0 RC2
FCKeditor FCKeditor 2.3 beta
FCKeditor FCKeditor 2.2
Falt4 CMS Falt4 Extreme RC4
Dokeos Dokeos 1.8.6
Dokeos Dokeos 1.8.5
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Clansphere Clansphere 2009.0.1
Clansphere Clansphere 2008.2.1
Clansphere Clansphere 2009.0
Clansphere Clansphere 2008
Alexscriptengine News-Engine 1.5.1
Alexscriptengine Article-Engine 1.3
Adobe ColdFusion 8.0.1
Adobe ColdFusion 8
|
|
|
|
Not Vulnerable:
|
Zope Zope.html 1.2
PHPList PHPList 2.10.7
FCKeditor FCKeditor 2.6.4 .1
Clansphere Clansphere 2009.0.2
|
|
|
