Frederico Caldeira Knabben : Security Vulnerabilities, CVEs,
FCKeditor.Java 2.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed request parameter that contains "ctrl" characters.
Max CVSS
5.0
EPSS Score
3.26%
Published
2010-05-26
Updated
2017-08-17
Incomplete blacklist vulnerability in the filemanager in Frederico Caldeira Knabben FCKeditor 2.4.2 allows remote attackers to upload arbitrary .php files via an alternate data stream syntax, as demonstrated by .php::$DATA filenames, a related issue to CVE-2006-0658.
Max CVSS
5.0
EPSS Score
1.64%
Published
2007-06-11
Updated
2017-07-29
2 vulnerabilities found