PT-2008-3514 · Acidcat+1 · Acidcat Cms+1
Published
2008-04-27
·
Updated
2018-10-11
·
CVE-2008-1993
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Acidcat CMS version 3.4.1
Description
The issue allows remote attackers to upload arbitrary files due to a lack of access restriction to the FCKEditor component.
Recommendations
For Acidcat CMS version 3.4.1, restrict access to the FCKEditor component to prevent arbitrary file uploads.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acidcat Cms
Ckeditor