Описание
Incomplete blacklist vulnerability in the filemanager in Frederico Caldeira Knabben FCKeditor 2.4.2 allows remote attackers to upload arbitrary .php files via an alternate data stream syntax, as demonstrated by .php::$DATA filenames, a related issue to CVE-2006-0658.
Incomplete blacklist vulnerability in the filemanager in Frederico Caldeira Knabben FCKeditor 2.4.2 allows remote attackers to upload arbitrary .php files via an alternate data stream syntax, as demonstrated by .php::$DATA filenames, a related issue to CVE-2006-0658.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-3163
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34982
- http://ha.ckers.org/blog/20070606/additional-image-bypass-on-windows
- http://osvdb.org/37554
- http://secunia.com/advisories/25719
- http://secunia.com/advisories/25923
- http://sourceforge.net/project/shownotes.php?release_id=520159
- http://www.bitchiller.de/?p=20
- http://www.securityfocus.com/bid/24510
EPSS
CVE ID
Связанные уязвимости
Incomplete blacklist vulnerability in the filemanager in Frederico Caldeira Knabben FCKeditor 2.4.2 allows remote attackers to upload arbitrary .php files via an alternate data stream syntax, as demonstrated by .php::$DATA filenames, a related issue to CVE-2006-0658.
Incomplete blacklist vulnerability in the filemanager in Frederico Caldeira Knabben FCKeditor 2.4.2 allows remote attackers to upload arbitrary .php files via an alternate data stream syntax, as demonstrated by .php::$DATA filenames, a related issue to CVE-2006-0658.
Incomplete blacklist vulnerability in the filemanager in Frederico Cal ...
EPSS