CVE-2006-3362

critical

Description

Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension and a trailing extension that is allowed, such as .zip.

References

https://www.exploit-db.com/exploits/6344

https://www.exploit-db.com/exploits/2035

https://www.exploit-db.com/exploits/1964

https://exchange.xforce.ibmcloud.com/vulnerabilities/27799

https://exchange.xforce.ibmcloud.com/vulnerabilities/27494

https://exchange.xforce.ibmcloud.com/vulnerabilities/27469

http://www.vupen.com/english/advisories/2006/2868

http://www.vupen.com/english/advisories/2006/2611

http://www.securityfocus.com/bid/30950

http://www.securityfocus.com/archive/1/440423/100/0/threaded

http://www.geeklog.net/article.php/geeklog-1.4.0sr4

http://www.geeklog.net/article.php/exploit-for-fckeditor-filemanager

http://secunia.com/advisories/21117

http://secunia.com/advisories/20886

Details

Source: Mitre, NVD

Published: 2006-07-06

Updated: 2018-10-18

Risk Information

CVSS v2

Base Score: 5.1

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical