Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
editor/filemanager/upload/php/upload.php in FCKeditor before 2.3 Beta, when the upload feature is enabled, does not verify the Type parameter, which allows remote attackers to upload arbitrary file types. NOTE: It is not clear whether this is related to CVE-2006-0658.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FCKeditor upload.php 输入验证漏洞
Vulnerability Description
FCKditor是一款开放源码的HTML文本编辑器。 FCKeditor在处理文件上传时存在输入验证错误,远程攻击可能利用此漏洞上传任意文件。 在通过editor/filemanager/upload/php/upload.php上传文件时攻击者可以通过为Type参数定义无效的值导致上传任意脚本。成功攻击要求config.php配置文件中启用的文件上传,而默认是禁用的。
CVSS Information
N/A
Vulnerability Type
N/A