Show filters
93 Total Results
Displaying 81-90 of 93
Sort by:
Attacker Value
Unknown

CVE-2008-4358

Disclosure Date: September 30, 2008 (last updated October 04, 2023)
Unspecified vulnerability in class/theme.class.php in SPAW Editor PHP Edition before 2.0.8.1 has unknown impact and attack vectors, probably related to directory traversal sequences in the theme name.
0
0
Attacker Value
Unknown

CVE-2007-2823

Disclosure Date: May 22, 2007 (last updated October 04, 2023)
Multiple buffer overflows in HT Editor before 2.0.6 might allow remote attackers to execute arbitrary code via unspecified vectors, possibly involving the editor display width. NOTE: some of the details were obtained from third party information.
0
0
Attacker Value
Unknown

CVE-2006-6978

Disclosure Date: February 08, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the "Basic Toolbar Selection" in FCKEditor allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the (1) href or (2) onmouseover attribute of the A HTML tag.
0
0
Attacker Value
Unknown

CVE-2006-4789

Disclosure Date: September 14, 2006 (last updated October 04, 2023)
Buffer overflow in Open Movie Editor 0.0.20060901 allows local users to cause a denial of service (system crash) or execute arbitrary code via a long project name in an open_movie_editor_project XML tag.
0
0
Attacker Value
Unknown

CVE-2006-2529

Disclosure Date: May 22, 2006 (last updated October 04, 2023)
editor/filemanager/upload/php/upload.php in FCKeditor before 2.3 Beta, when the upload feature is enabled, does not verify the Type parameter, which allows remote attackers to upload arbitrary file types. NOTE: It is not clear whether this is related to CVE-2006-0658.
0
0
Attacker Value
Unknown

CVE-2006-0921

Disclosure Date: February 28, 2006 (last updated February 22, 2025)
Multiple directory traversal vulnerabilities in connector.php in FCKeditor 2.0 FC, as used in products such as RunCMS, allow remote attackers to list and create arbitrary directories via a .. (dot dot) in the CurrentFolder parameter to (1) GetFoldersAndFiles and (2) CreateFolder.
0
0
Attacker Value
Unknown

CVE-2006-0658

Disclosure Date: February 13, 2006 (last updated February 22, 2025)
Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 and 2.2, as used in products such as RunCMS, allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions that are not listed in the Config[DeniedExtensions][File], such as .php.txt.
0
0
Attacker Value
Unknown

CVE-2005-4421

Disclosure Date: December 20, 2005 (last updated February 22, 2025)
Dev-Editor 3.0 allows remote attackers to access any directory outside the web root whose name is a substring of the web root directory name.
0
0
Attacker Value
Unknown

CVE-2005-2111

Disclosure Date: July 05, 2005 (last updated February 22, 2025)
login.cgi in Community Link Pro Web Editor allows remote attackers to execute arbitrary commands via the file parameter.
0
0
Attacker Value
Unknown

CVE-2005-1546

Disclosure Date: May 14, 2005 (last updated February 22, 2025)
Buffer overflow in the PE parser in HT Editor before 0.8.0 allows remote attackers to execute arbitrary code via a crafted PE file.
0
0
View More Topics  < Previous  Next >