VYPR
← All advisories
Unrated severityNVD Advisory· Published Jul 5, 2009· Updated Apr 23, 2026

CVE-2009-2265

CVE-2009-2265

Description

Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.

Affected products

27
  • Fckeditor/Fckeditor27 versions
    cpe:2.3:a:fckeditor:fckeditor:*:*:*:*:*:*:*:*+ 26 more
    • cpe:2.3:a:fckeditor:fckeditor:*:*:*:*:*:*:*:*range: <=2.6.4
    • cpe:2.3:a:fckeditor:fckeditor:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.0_fc:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.0_rc2:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.0rc2:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.0rc3:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.3:beta:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.5:beta:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.6.3:beta:*:*:*:*:*:*
    • cpe:2.3:a:fckeditor:fckeditor:2.6.4:beta:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

14

News mentions

0

No linked articles in our index yet.