CVE-2006-3362 Information
Description
Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension and a trailing extension that is allowed, such as .zip.
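The check below is an added example, not code from FCKeditor or any of the affected products. It contrasts a last-extension-only filename test with one that examines every extension segment, which is the case the description turns on. The function names and both extension lists are assumptions made for illustration.

```php
<?php
// Added illustration; function names and extension lists are assumptions,
// not taken from FCKeditor, Geeklog, toendaCMS or WeBid.

// Extensions the upload feature accepts (constructed sample policy).
const ALLOWED_FINAL_EXT = ['zip', 'jpg', 'png', 'gif', 'pdf'];

// Extensions a server may map to a handler (assumed list; align it with the
// AddHandler/AddType directives of the actual Apache configuration).
const HANDLER_EXT = ['php', 'php3', 'php4', 'php5', 'phtml', 'phps', 'cgi', 'pl', 'shtml'];

// Weak check: looks only at the last extension, so "page.php.zip" passes.
function lastExtensionAllowed(string $name): bool
{
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    return in_array($ext, ALLOWED_FINAL_EXT, true);
}

// Stricter check: every dot-separated segment after the base name is examined,
// because mod_mime can act on any of them, not just the last one.
function uploadNameAllowed(string $name): bool
{
    if (strpos($name, "\0") !== false) {
        return false;                                  // NUL byte in the name
    }
    $name = basename(str_replace('\\', '/', $name));   // drop any path component
    if ($name === '' || $name[0] === '.') {
        return false;                                  // empty name or dotfile such as .htaccess
    }
    $segments = explode('.', strtolower($name));
    array_shift($segments);                            // discard the base name
    if ($segments === [] || !in_array(end($segments), ALLOWED_FINAL_EXT, true)) {
        return false;                                  // no extension, or final one not allowed
    }
    foreach ($segments as $seg) {
        if (in_array($seg, HANDLER_EXT, true)) {
            return false;                              // e.g. the "php" in page.php.zip
        }
    }
    return true;
}

// Constructed sample names, printed with the verdict of each check.
foreach (['report.zip', 'photo.JPG', 'page.php.zip', 'page.php', '.htaccess'] as $n) {
    printf("%-14s last-ext-only=%-5s all-segments=%s\n", $n,
        var_export(lastExtensionAllowed($n), true),
        var_export(uploadNameAllowed($n), true));
}
```

Storing uploads under a server-generated name, in a directory with no script handlers mapped, removes the dependency on filename parsing altogether.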
Reference
http://retrogod.altervista.org/toenda_100_shizouka_xpl.html
http://secunia.com/advisories/20886
http://secunia.com/advisories/21117
http://www.geeklog.net/article.php/exploit-for-fckeditor-filemanager
http://www.geeklog.net/article.php/geeklog-1.4.0sr4
http://www.securityfocus.com/archive/1/440423/100/0/threaded
http://www.securityfocus.com/bid/18767
http://www.securityfocus.com/bid/19072
http://www.securityfocus.com/bid/30950
http://www.vupen.com/english/advisories/2006/2611
http://www.vupen.com/english/advisories/2006/2868
https://exchange.xforce.ibmcloud.com/vulnerabilities/27469
https://exchange.xforce.ibmcloud.com/vulnerabilities/27494
https://exchange.xforce.ibmcloud.com/vulnerabilities/27799
https://www.exploit-db.com/exploits/1964
https://www.exploit-db.com/exploits/2035
https://www.exploit-db.com/exploits/6344