Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fckeditor fckeditor vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-5934
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin prior to 1.9.10 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Moinmo Moinmoin
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 9.0
Opensuse Leap 42.3
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.0
9.8
CVSSv3
CVE-2018-17573
The Wp-Insert plugin up to and including 2.4.2 for WordPress allows upload of arbitrary PHP code because of the exposure and configuration of FCKeditor under fckeditor/editor/filemanager/browser/default/browser.html, fckeditor/editor/filemanager/connectors/test.html, and fckedito...
Smartlogix Wp-insert
8.8
CVSSv3
CVE-2018-10795
Liferay 6.2.x and before has an FCKeditor configuration that allows an malicious user to upload or transfer files of dangerous types that can be automatically processed within the product's environment via a browser/liferay/browser.html?Type= or html/js/editor/fckeditor/edit...
Liferay Liferay Portal
NA
CVE-2014-4037
Cross-site scripting (XSS) vulnerability in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor prior to 2.6.11 and previous versions allows remote malicious users to inject arbitrary web script or HTML via an array key in the textinputs[] par...
Ckeditor Fckeditor
NA
CVE-2012-2067
Unspecified vulnerability in the CKeditor module 6.x-2.x prior to 6.x-2.3 and the CKEditor module 6.x-1.x prior to 6.x-1.9 and 7.x-1.x prior to 7.x-1.7 for Drupal, when the core PHP module is enabled, allows remote authenticated users or remote malicious users to execute arbitrar...
Ckeditor Fckeditor 6.x-1.1
Ckeditor Fckeditor 6.x-1.2
Ckeditor Fckeditor 6.x-1.2-1
Ckeditor Fckeditor 6.x-1.3
Ckeditor Fckeditor 6.x-1.4
Ckeditor Fckeditor 6.x-1.x
Ckeditor Fckeditor 6.x-2.0
Ckeditor Fckeditor 6.x-2.1
Ckeditor Fckeditor 6.x-2.2
Ckeditor Fckeditor 6.x-2.3
Ckeditor Fckeditor 6.x-2.x
Ckeditor Ckeditor 6.x-1.0
Ckeditor Ckeditor 6.x-1.1
Ckeditor Ckeditor 6.x-1.2
Ckeditor Ckeditor 6.x-1.3
Ckeditor Ckeditor 6.x-1.4
Ckeditor Ckeditor 6.x-1.5
Ckeditor Ckeditor 6.x-1.6
Ckeditor Ckeditor 6.x-1.7
Ckeditor Ckeditor 6.x-1.x
Ckeditor Ckeditor 7.x-1.0
Ckeditor Ckeditor 7.x-1.1
NA
CVE-2012-2066
Cross-site scripting (XSS) vulnerability in the FCKeditor module 6.x-2.x prior to 6.x-2.3 and the CKEditor module 6.x-1.x prior to 6.x-1.9 and 7.x-1.x prior to 7.x-1.7 for Drupal allows remote authenticated users or remote malicious users to inject arbitrary web script or HTML vi...
Ckeditor Fckeditor 6.x-1.1
Ckeditor Fckeditor 6.x-1.2
Ckeditor Fckeditor 6.x-1.2-1
Ckeditor Fckeditor 6.x-1.3
Ckeditor Fckeditor 6.x-1.4
Ckeditor Fckeditor 6.x-1.x
Ckeditor Fckeditor 6.x-2.0
Ckeditor Fckeditor 6.x-2.1
Ckeditor Fckeditor 6.x-2.2
Ckeditor Fckeditor 6.x-2.3
Ckeditor Fckeditor 6.x-2.x
Ckeditor Ckeditor 6.x-1.0
Ckeditor Ckeditor 6.x-1.1
Ckeditor Ckeditor 6.x-1.2
Ckeditor Ckeditor 6.x-1.3
Ckeditor Ckeditor 6.x-1.4
Ckeditor Ckeditor 6.x-1.5
Ckeditor Ckeditor 6.x-1.6
Ckeditor Ckeditor 6.x-1.7
Ckeditor Ckeditor 6.x-1.x
Ckeditor Ckeditor 7.x-1.0
Ckeditor Ckeditor 7.x-1.1
NA
CVE-2012-4000
Cross-site scripting (XSS) vulnerability in the print_textinputs_var function in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor 2.6.7 and previous versions allows remote malicious users to inject arbitrary web script or HTML via textinput...
Ckeditor Fckeditor 2.4
Ckeditor Fckeditor 0.8
Ckeditor Fckeditor 1.3.1
Ckeditor Fckeditor 2.1.1
Ckeditor Fckeditor 1.1
Ckeditor Fckeditor 2.4.2
Ckeditor Fckeditor 1.0
Ckeditor Fckeditor 2.0
Ckeditor Fckeditor 2.6.4
Ckeditor Fckeditor 0.9.2
Ckeditor Fckeditor 1.2.4
Ckeditor Fckeditor 2.6.2
Ckeditor Fckeditor 0.9.1
Ckeditor Fckeditor 2.6.4.1
Ckeditor Fckeditor 2.6
Ckeditor Fckeditor 1.2.2
Ckeditor Fckeditor 0.8.5
Ckeditor Fckeditor 1.6
Ckeditor Fckeditor 0.9.0
Ckeditor Fckeditor 2.3.3
Ckeditor Fckeditor 2.3
Ckeditor Fckeditor 2.1
1 EDB exploit
NA
CVE-2011-3732
eggBlog 4.1.2 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by _lib/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php ...
Eggblog Eggblog 4.1.2
NA
CVE-2010-3313
phpgwapi/js/fckeditor/editor/dialog/fck_spellerpages/spellerpages/serverscripts/spellchecker.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions prior to 1.6.003; and EPL 9.1 prior to 9.1.20100309 and 9.2 prior to 9.2.20100309; allows remote malicious users t...
Egroupware Egroupware 9.1
Egroupware Egroupware 1.4.001+.002
Egroupware Egroupware 1.6.001
Egroupware Egroupware 1.6.001+.002
Egroupware Egroupware 1.6.002
Egroupware Egroupware 9.2
Egroupware Egroupware 1.4.001
Egroupware Egroupware 1.4.002
1 EDB exploit
NA
CVE-2009-4444
Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote malicious users to bypass intended extension restrictions of third-party upload applications via a f...
Microsoft Internet Information Services 5.0
Microsoft Internet Information Services 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »