CVE-2006-3362

Severity

51%

Complexity

49%

Confidentiality

106%

Upgrade to Geeklog version 1.4.0sr4 : http://www.geeklog.net/filemgmt/index.php?id=727

Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension and a trailing extension that is allowed, such as .zip.

Upgrade to Geeklog version 1.4.0sr4 : http://www.geeklog.net/filemgmt/index.php?id=727

CVSS 2.0 Base Score 5.1. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P).

Overview

First reported 18 years ago

2006-07-06 20:05:00

Last updated 6 years ago

2018-10-18 16:47:00

Affected Software

Geeklog Geeklog 1.4.0

1.4.0

References

http://retrogod.altervista.org/toenda_100_shizouka_xpl.html

Exploit

20886

Patch, Vendor Advisory

21117

Vendor Advisory

http://www.geeklog.net/article.php/exploit-for-fckeditor-filemanager

http://www.geeklog.net/article.php/geeklog-1.4.0sr4

20060717 ToendaCMS <= 1.0.0 arbitrary file upload

18767

Exploit

19072

Exploit

30950

ADV-2006-2611

ADV-2006-2868

geeklog-multiple-scripts-file-include(27469)

geeklog-connector-file-upload(27494)

toendacms-connector-file-upload(27799)

1964

2035

6344

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.