CVE-2008-6178

FCKeditor 2.2 - Remote Code Execution via ZIP File Upload


Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-6178. PoCs published by Sp3shial, EgiX.

AI-analyzed exploit summary: This exploit targets a file upload vulnerability in Falt4 CMS via FCKeditor, allowing arbitrary PHP file upload and remote command execution. It uses a multipart form-data request to upload a malicious PHP file disguised as a ZIP file, then executes commands via HTTP headers.

Description

Unrestricted file upload vulnerability in editor/filemanager/browser/default/connectors/php/connector.php in FCKeditor 2.2, as used in Falt4 CMS, Nuke ET, and other products, allows remote attackers to execute arbitrary code by creating a file containing PHP code sequences preceded by a ZIP header, uploading this file via a FileUpload action with the application/zip content type, and then accessing the file via a direct request to UserFiles/File/. This is probably related to CVE-2005-4094. NOTE: some of these details are obtained from third-party information.

Exploits (2)

exploitdb · Working PoC · Verified
by Sp3shial · php · webapps
https://www.exploit-db.com/exploits/8060

This exploit targets a file upload vulnerability in Falt4 CMS via FCKeditor, allowing arbitrary PHP file upload and remote command execution. It uses a multipart form data request to upload a malicious PHP file disguised as a ZIP file, then executes commands via HTTP headers.

Classification: Working PoC (95%) · Attack type: RCE · Complexity: Moderate · Reliability: Reliable
Target: Falt4 CMS (fckeditor) · No auth needed
Prerequisites: Target must have Falt4 CMS with the vulnerable FCKeditor installed · FCKeditor file upload endpoint must be accessible
Analyzed by devstral-2 on Feb 16, 2026
exploitdb · Working PoC · Verified
by EgiX · php · webapps
https://www.exploit-db.com/exploits/6783

This exploit demonstrates a file upload vulnerability in Nuke ET <= 3.4 by spoofing the MIME type to bypass security checks, allowing arbitrary PHP file upload and remote command execution.

Classification: Working PoC (100%) · Attack type: RCE · Complexity: Trivial · Reliability: Reliable
Target: Nuke ET <= 3.4 (fckeditor) · No auth needed
Prerequisites: Access to the FCKeditor file upload endpoint
Analyzed by devstral-2 on Feb 18, 2026

References (5)

- Exploit, VDB entry (BID): http://www.securityfocus.com/bid/31812
- Vendor Advisory, third-party advisory (Secunia): http://secunia.com/advisories/33973
- Third-Party Advisory, VDB entry (VUPEN): http://www.vupen.com/english/advisories/2009/0447
- Third-Party Advisory, VDB entry (X-Force): https://exchange.xforce.ibmcloud.com/vulnerabilities/48769
- Exploit, Third-Party Advisory (Exploit-DB): https://www.exploit-db.com/exploits/8060

Scores

EPSS score 0.0781 (percentile 93.9%)

Details

CWE: CWE-94 (Improper Control of Generation of Code, 'Code Injection')
Status: published
Products (11)
fckeditor/fckeditor 2.0rc2
fckeditor/fckeditor 2.0rc3
fckeditor/fckeditor 2.2
fckeditor/fckeditor 2.3beta
fckeditor/fckeditor 2.4.3
phplist/phplist 2.10.1
phplist/phplist 2.10.2
phplist/phplist 2.10.3
phplist/phplist 2.10.4
phplist/phplist 2.10.5
(and 1 more product)
Published Feb 19, 2009
Tracked Since Feb 18, 2026