CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Fckeditor: >> Fckeditor >> 2.0_rc2 Security Vulnerabilities

CVE-2009-2265

Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.

CVSS Score

7.5

EPSS Score

0.92

Published

2009-07-05

CVE-2009-2324

Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to inject arbitrary web script or HTML via components in the samples (aka _samples) directory.

CVSS Score

4.3

EPSS Score

0.003

Published

2009-07-05

CVE-2005-0613

Unknown vulnerability in FCKeditor 2.0 RC2, when used with PHP-Nuke, allows remote attackers to upload arbitrary files.

CVSS Score

5.0

EPSS Score

0.035

Published

2005-02-28

Page 1

Vulnerabilities

Vulnerable Software

Fckeditor: >> Fckeditor >> 2.0_rc2 Security Vulnerabilities

Products

Pricing

Contact Us