Lucene search

[email protected]CVE-2006-0921

HistoryFeb 28, 2006 - 11:02 a.m.

CVE-2006-0921

2006-02-2811:02:00

[email protected]

web.nvd.nist.gov

cve

2006

0921

directory traversal

connector.php

fckeditor 2.0 fc

runcms

nvd

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

7 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.5%

JSON

Multiple directory traversal vulnerabilities in connector.php in FCKeditor 2.0 FC, as used in products such as RunCMS, allow remote attackers to list and create arbitrary directories via a … (dot dot) in the CurrentFolder parameter to (1) GetFoldersAndFiles and (2) CreateFolder.

Affected configurations

NVD

Node

fckeditorfckeditorMatch2.0_fc

CPENameOperatorVersion
fckeditor:fckeditorfckeditoreq2.0_fc

CPE	Name	Operator	Version
fckeditor:fckeditor	fckeditor	eq	2.0_fc

References

securityreason.com/securityalert/484

www.nsag.ru/vuln/952.html

www.securityfocus.com/archive/1/425937/100/0/threaded

www.securityfocus.com/archive/1/434559/30/4890/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/24878

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

7 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.5%

JSON

Related for CVE-2006-0921

prion1 nvd1 cvelist1