DescriptionIncomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php." and has an unknown extension, which is recognized as a .php file by the Apache HTTP server, a different vulnerability than CVE-2006-0658 and CVE-2006-2529.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs444928, 447590

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
moin (PTS)buster, buster (security)1.9.9-1+deb10u1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
gforgesourcesarge(not affected)
gforgesourceetch(not affected)
karrigellsource(unstable)(not affected)


This problem should rather be addressed by proper httpd config
The change only adds a workaround for insecure configs
- karrigell <not-affected> (Does not include vulnerable php code)
[etch] - gforge <not-affected> (fckeditor is not shipped in these versions)
[sarge] - gforge <not-affected> (fckeditor is not shipped in these versions)

Search for package or bug name: Reporting problems