FCKeditor For PHP-Nuke Arbitrary File Upload Vulnerability

FCKeditor For PHP-Nuke Arbitrary File Upload Vulnerability

An exploit is not required.

It is reported that the following actions can allow for arbitrary file uploads:
Access the script:
http://www.example.com/modules.php?name=FCKeditor
Click on "upload image"
Click at "search at server"
Upload the file.