5
CVE-2007-3163
- EPSS 1.51%
- Veröffentlicht 11.06.2007 22:30:00
- Zuletzt bearbeitet 16.06.2026 22:41:11
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginIncomplete blacklist vulnerability in the filemanager in Frederico Caldeira Knabben FCKeditor 2.4.2 allows remote attackers to upload arbitrary .php files via an alternate data stream syntax, as demonstrated by .php::$DATA filenames, a related issue to CVE-2006-0658.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Frederico Caldeira Knabben ≫ Fckeditor Version2.4.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.51% | 0.711 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
http://ha.ckers.org/blog/20070606/additional-image-bypass-on-windows/
http://osvdb.org/37554
http://secunia.com/advisories/25719
http://secunia.com/advisories/25923
http://sourceforge.net/project/shownotes.php?release_id=520159
http://www.bitchiller.de/?p=20
http://www.securityfocus.com/bid/24510
https://exchange.xforce.ibmcloud.com/vulnerabilities/34982