CVE-2008-6178 - OpenCVE

Unrestricted file upload vulnerability in editor/filemanager/browser/default/connectors/php/connector.php in FCKeditor 2.2, as used in Falt4 CMS, Nuke ET, and other products, allows remote attackers to execute arbitrary code by creating a file with PHP sequences preceded by a ZIP header, uploading this file via a FileUpload action with the application/zip content type, and then accessing this file via a direct request to the file in UserFiles/File/, probably a related issue to CVE-2005-4094. NOTE: some of these details are obtained from third party information.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fckeditor	Fckeditor
Phplist	Phplist

Configuration 1 [-]

OR	cpe:2.3:a:fckeditor:fckeditor:2.0rc2:::::::*
	cpe:2.3:a:fckeditor:fckeditor:2.0rc3:::::::*
	cpe:2.3:a:fckeditor:fckeditor:2.2:::::::*
	cpe:2.3:a:fckeditor:fckeditor:2.3beta:::::::*
	cpe:2.3:a:fckeditor:fckeditor:2.4.3:::::::*
	cpe:2.3:a:phplist:phplist:2.10.1:::::::*
	cpe:2.3:a:phplist:phplist:2.10.2:::::::*
	cpe:2.3:a:phplist:phplist:2.10.3:::::::*
	cpe:2.3:a:phplist:phplist:2.10.4:::::::*
	cpe:2.3:a:phplist:phplist:2.10.5:::::::*
	cpe:2.3:a:phplist:phplist:2.10.6:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/33973
http://www.securityfocus.com/bid/31812
http://www.vupen.com/english/advisories/2009/0447
https://exchange.xforce.ibmcloud.com/vulnerabilities/48769
https://www.exploit-db.com/exploits/8060

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-02-19T16:00:00

Updated: 2024-08-07T11:20:25.361Z

Reserved: 2009-02-19T00:00:00

Link: CVE-2008-6178

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-02-19T16:30:00.530

Modified: 2017-09-29T01:33:00.337

Link: CVE-2008-6178

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-10-18T00:00:00", "descriptions": [{"lang": "en", "value": "Unrestricted file upload vulnerability in editor/filemanager/browser/default/connectors/php/connector.php in FCKeditor 2.2, as used in Falt4 CMS, Nuke ET, and other products, allows remote attackers to execute arbitrary code by creating a file with PHP sequences preceded by a ZIP header, uploading this file via a FileUpload action with the application/zip content type, and then accessing this file via a direct request to the file in UserFiles/File/, probably a related issue to CVE-2005-4094. NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "31812", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/31812"}, {"name": "33973", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33973"}, {"name": "ADV-2009-0447", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/0447"}, {"name": "falt4-fckeditor-file-upload(48769)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48769"}, {"name": "8060", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/8060"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-6178", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unrestricted file upload vulnerability in editor/filemanager/browser/default/connectors/php/connector.php in FCKeditor 2.2, as used in Falt4 CMS, Nuke ET, and other products, allows remote attackers to execute arbitrary code by creating a file with PHP sequences preceded by a ZIP header, uploading this file via a FileUpload action with the application/zip content type, and then accessing this file via a direct request to the file in UserFiles/File/, probably a related issue to CVE-2005-4094. NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "31812", "refsource": "BID", "url": "http://www.securityfocus.com/bid/31812"}, {"name": "33973", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33973"}, {"name": "ADV-2009-0447", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/0447"}, {"name": "falt4-fckeditor-file-upload(48769)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48769"}, {"name": "8060", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/8060"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T11:20:25.361Z"}, "title": "CVE Program Container", "references": [{"name": "31812", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/31812"}, {"name": "33973", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33973"}, {"name": "ADV-2009-0447", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/0447"}, {"name": "falt4-fckeditor-file-upload(48769)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48769"}, {"name": "8060", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/8060"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-6178", "datePublished": "2009-02-19T16:00:00", "dateReserved": "2009-02-19T00:00:00", "dateUpdated": "2024-08-07T11:20:25.361Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fckeditor:fckeditor:2.0rc2:*:*:*:*:*:*:*", "matchCriteriaId": "B6F9F4D2-0A3E-49D6-9A58-D9BCDF492E90", "vulnerable": true}, {"criteria": "cpe:2.3:a:fckeditor:fckeditor:2.0rc3:*:*:*:*:*:*:*", "matchCriteriaId": "CF47BD2F-7AC9-490E-9289-9C259FE4F231", "vulnerable": true}, {"criteria": "cpe:2.3:a:fckeditor:fckeditor:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D2823302-CCF1-438B-B962-6EE49D371A28", "vulnerable": true}, {"criteria": "cpe:2.3:a:fckeditor:fckeditor:2.3beta:*:*:*:*:*:*:*", "matchCriteriaId": "5F841DE0-94A3-45E5-9DF6-516BDBE13CAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:fckeditor:fckeditor:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "68C583B7-5A09-4849-A1E1-600C87854A24", "vulnerable": true}, {"criteria": "cpe:2.3:a:phplist:phplist:2.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "FD0770F6-4C09-4D77-A25A-2D9C59B73795", "vulnerable": true}, {"criteria": "cpe:2.3:a:phplist:phplist:2.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "1AB6728E-74D6-4939-AA0F-6560678201CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:phplist:phplist:2.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "7212A91B-F75D-43CB-90E3-7420C0EA861A", "vulnerable": true}, {"criteria": "cpe:2.3:a:phplist:phplist:2.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "BFECF781-0084-4FBD-BD88-E55C85D9480C", "vulnerable": true}, {"criteria": "cpe:2.3:a:phplist:phplist:2.10.5:*:*:*:*:*:*:*", "matchCriteriaId": "C5492C3F-8833-4F66-B98F-C2B33AD1F14B", "vulnerable": true}, {"criteria": "cpe:2.3:a:phplist:phplist:2.10.6:*:*:*:*:*:*:*", "matchCriteriaId": "CB4693DD-6CAE-437E-9D36-C1182F495984", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unrestricted file upload vulnerability in editor/filemanager/browser/default/connectors/php/connector.php in FCKeditor 2.2, as used in Falt4 CMS, Nuke ET, and other products, allows remote attackers to execute arbitrary code by creating a file with PHP sequences preceded by a ZIP header, uploading this file via a FileUpload action with the application/zip content type, and then accessing this file via a direct request to the file in UserFiles/File/, probably a related issue to CVE-2005-4094. NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "Vulnerabilidad de env\u00edo de archivo no restringido en editor/filemanager/browser/default/connectors/php/connector.php en FCKeditor v2.2 en Falt4 CMS, Nuke ET, y otros productos, lo que permite a atacantes remotos ejecutar codigo a su eleccion mediante la creacion de un fichero con secuencias PHP precedidas de un encabezado ZIP, subiendo este fichero a traves la accion FileUpload, y despues accediendo al fichero a traves de una peticion directa del fichero en UserFiles/File/, probablemente relacionado con CVE-2005-4094. NOTA: Algunos detalles fueron obtenidos de una tercera parte."}], "id": "CVE-2008-6178", "lastModified": "2017-09-29T01:33:00.337", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-02-19T16:30:00.530", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/33973"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/31812"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2009/0447"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48769"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/8060"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}