Directory Traversal Vulnerabilities in FCKeditor 2.0 FC by FCKeditor
CVE-2006-0921

Currently unrated

Key Information:

Vendor

Fckeditor

Status
Fckeditor
Vendor
CVE Published:
28 February 2006

What is CVE-2006-0921?

FCKeditor 2.0 FC has multiple directory traversal vulnerabilities in its connector.php file. Remote attackers can exploit these flaws by manipulating the CurrentFolder parameter through the use of '..' (dot dot) sequences. This exploitation allows unauthorized users to list and create arbitrary directories, potentially leading to further compromises within affected systems. Affected products like RunCMS could be at risk, particularly if properly implemented security measures are not in place.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://securityreason.com/securityalert/484
third-party-advisoryx_refsource_SREASON
http://www.nsag.ru/vuln/952.html
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/24878
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.