Back to search
CVE-2006-0921
Published: Feb 28, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple directory traversal vulnerabilities in connector.php in FCKeditor 2.0 FC, as used in products such as RunCMS, allow remote attackers to list and create arbitrary directories via a .. (dot dot) in the CurrentFolder parameter to (1) GetFoldersAndFiles and (2) CreateFolder.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
484
third-party-advisory
x_refsource_SREASON
http://www.nsag.ru/vuln/952.html
x_refsource_MISC
fckeditor-connector-obtain-information(24878)
vdb-entry
x_refsource_XF
20060519 Re: NSA Group Security Advisory NSAG-¹195-23.02.2006 Vulnerability FCKeditor 2.0 FC
mailing-list
x_refsource_BUGTRAQ
20060223 NSA Group Security Advisory NSAG-¹195-23.02.2006 Vulnerability FCKeditor 2.0 FC
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now