CVE-2008-6178

Fckeditor - Code Injection

Title source: rule

Description

Unrestricted file upload vulnerability in editor/filemanager/browser/default/connectors/php/connector.php in FCKeditor 2.2, as used in Falt4 CMS, Nuke ET, and other products, allows remote attackers to execute arbitrary code by creating a file with PHP sequences preceded by a ZIP header, uploading this file via a FileUpload action with the application/zip content type, and then accessing this file via a direct request to the file in UserFiles/File/, probably a related issue to CVE-2005-4094. NOTE: some of these details are obtained from third party information.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Sp3shial · phpwebappsphp

https://www.exploit-db.com/exploits/8060

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by EgiX · phpwebappsphp

https://www.exploit-db.com/exploits/6783

View Code ZIP pw:eip

References (5)

[Vendor Advisory] http://secunia.com/advisories/33973

[Exploit] http://www.securityfocus.com/bid/31812

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/48769

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/8060

[Third Party Advisory] http://www.vupen.com/english/advisories/2009/0447

Scores

EPSS 0.1087

EPSS Percentile 93.4%

Details

CWE

CWE-94

Status published

Products (11)

fckeditor/fckeditor 2.0rc2

fckeditor/fckeditor 2.0rc3

fckeditor/fckeditor 2.2

fckeditor/fckeditor 2.3beta

fckeditor/fckeditor 2.4.3

phplist/phplist 2.10.1

phplist/phplist 2.10.2

phplist/phplist 2.10.3

phplist/phplist 2.10.4

phplist/phplist 2.10.5

... and 1 more

Published Feb 19, 2009

Tracked Since Feb 18, 2026