CVE-2006-3362

This exploit targets ToendaCMS <= 1.0.0 by uploading a malicious PHP file disguised as an allowed file type via the FCKeditor file upload functionality. It then executes arbitrary commands by sending a crafted GET request with the command embedded in a cookie.

This exploit targets a file upload vulnerability in WeBid v0.5.4's FCKeditor component, allowing arbitrary PHP file upload by bypassing extension checks. It uploads a malicious PHP shell disguised with allowed extensions (e.g., .swf, .doc) and provides interactive command execution.

This exploit targets Geeklog <= 1.4.0sr3 by uploading a malicious PHP file via the unprotected FCKeditor connector. It achieves remote command execution by leveraging a file upload vulnerability in the 'mcpuk' connector.