Vulnerabilities > CVE-2006-0921 - Unspecified vulnerability in Fckeditor 2.0Fc
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple directory traversal vulnerabilities in connector.php in FCKeditor 2.0 FC, as used in products such as RunCMS, allow remote attackers to list and create arbitrary directories via a .. (dot dot) in the CurrentFolder parameter to (1) GetFoldersAndFiles and (2) CreateFolder.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://securityreason.com/securityalert/484
- http://securityreason.com/securityalert/484
- http://www.nsag.ru/vuln/952.html
- http://www.nsag.ru/vuln/952.html
- http://www.securityfocus.com/archive/1/425937/100/0/threaded
- http://www.securityfocus.com/archive/1/425937/100/0/threaded
- http://www.securityfocus.com/archive/1/434559/30/4890/threaded
- http://www.securityfocus.com/archive/1/434559/30/4890/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24878
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24878