CVE-2008-1993
published 2008-04-27CVE-2008-1993: Acidcat CMS 3.4.1 does not restrict access to the FCKEditor component, which allows remote attackers to upload arbitrary files.
PriorityP348high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.83%
84.8th percentile
Acidcat CMS 3.4.1 does not restrict access to the FCKEditor component, which allows remote attackers to upload arbitrary files.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| acidcat | acidcat_cms | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-hj8j-8885-9jc3: Acidcat CMS 3
ghsa_unreviewed·2022-05-01
CVE-2008-1993 [HIGH] GHSA-hj8j-8885-9jc3: Acidcat CMS 3
Acidcat CMS 3.4.1 does not restrict access to the FCKEditor component, which allows remote attackers to upload arbitrary files.
Kernel
Merge tag 'xfs-5.17-merge-5' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux
kernel_security·2022-01-21
Merge tag 'xfs-5.17-merge-5' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux
Merge tag 'xfs-5.17-merge-5' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux
Pull xfs irix ioctl housecleaning from Darrick Wong:
"Remove the XFS_IOC_ALLOCSP* and XFS_IOC_FREESP* ioctl families.
This is the second of a series of small pull requests that perform
some long overdue housecleaning of XFS ioctls. This time, we're
vacating the implementation of all variants of the ALLOCSP and FREESP
ioctls, which are holdovers from EFS in Irix, circa 1993. Roughly
equivalent functionality have been available for both ioctls since
2.6.25 (April 2008):
- XFS_IOC_FREESP ftruncates a file.
- XFS_IOC_ALLOCSP is the equivalent of fallocate.
As noted in the fix patch for CVE 2021-4155, the ALLOCSP ioctl has
been serving up stale disk blocks since 2000, and in 21 years
**nobody** noticed. On those
No detection rules found.
No writeups or analysis indexed.
http://bugreport.ir/index.php?/36http://securityreason.com/securityalert/3842http://www.securityfocus.com/archive/1/491129/100/0/threadedhttp://www.securityfocus.com/bid/28868https://exchange.xforce.ibmcloud.com/vulnerabilities/41922https://www.exploit-db.com/exploits/5478http://bugreport.ir/index.php?/36http://securityreason.com/securityalert/3842http://www.securityfocus.com/archive/1/491129/100/0/threadedhttp://www.securityfocus.com/bid/28868https://exchange.xforce.ibmcloud.com/vulnerabilities/41922https://www.exploit-db.com/exploits/5478
2008-04-27
Published