Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-2265

Опубликовано: 05 июл. 2009
Источник: nvd
CVSS2: 7.5
EPSS Критический

Описание

Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:fckeditor:fckeditor:*:*:*:*:*:*:*:*
Версия до 2.6.4 (включая)
cpe:2.3:a:fckeditor:fckeditor:2.0:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.0_fc:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.0_rc2:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.0rc2:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.0rc3:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.1:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.2:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.3:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.3:beta:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.4:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.5:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.5:beta:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.6:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.6.3:beta:*:*:*:*:*:*
cpe:2.3:a:fckeditor:fckeditor:2.6.4:beta:*:*:*:*:*:*

EPSS

Процентиль: 100%
0.90873
Критический

7.5 High

CVSS2

Дефекты

CWE-22

Связанные уязвимости

ubuntu логотип

CVE-2009-2265

ubuntu
больше 16 лет назад

Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.

redhat логотип

CVE-2009-2265

redhat
больше 16 лет назад

Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.

debian логотип

CVE-2009-2265

debian
больше 16 лет назад

Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4 ...

github логотип

GHSA-4849-cfqq-r8pq

github
почти 4 года назад

Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.

fstec логотип

BDU:2023-01042

CVSS3: 6.3
fstec
почти 17 лет назад

Уязвимость WYSIWYG-редактора Ckeditor, связанная с неверным ограничением имени пути к каталогу с ограниченным доступом. позволяющая нарушителю загрузить произвольные файлы

EPSS

Процентиль: 100%
0.90873
Критический

7.5 High

CVSS2

Дефекты

CWE-22