Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2009-2265

EPSS 92.76% · P100
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-2265

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
FCKeditor 路径遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
FCKeditor是个人开发者的一款开源的专用于在网页上编辑HTML的编辑器。 FCKeditor的editor/filemanager/browser/default/connectors/php/connector.php模块中存在路径遍历漏洞: 147.function FileUpload( $resourceType, $currentFolder ) 148.{ 149.$sErrorNumber = '0' ; 150.$sFileName = '' ; 151. 152.if ( isse
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2009-2265

#POC DescriptionSource LinkShenlong Link
1coldfusion exploit based on https://cvedetails.com/cve/CVE-2009-2265/https://github.com/zaphoxx/zaphoxx-coldfusionPOC Details
2Nonehttps://github.com/crypticdante/CVE-2009-2265POC Details
3cf8-upload.py | CVE-2009-2265https://github.com/p1ckzi/CVE-2009-2265POC Details
4ColdFusion 8.0.1 - Arbitrary File Upload to RCEhttps://github.com/0xConstant/CVE-2009-2265POC Details
5Nonehttps://github.com/H3xL00m/CVE-2009-2265POC Details
6Nonehttps://github.com/n3ov4n1sh/CVE-2009-2265POC Details
7Nonehttps://github.com/c0d3cr4f73r/CVE-2009-2265POC Details
8Nonehttps://github.com/Sp3c73rSh4d0w/CVE-2009-2265POC Details
9Nonehttps://github.com/0xwh1pl4sh/CVE-2009-2265POC Details
10Nonehttps://github.com/N3rdyN3xus/CVE-2009-2265POC Details
11Nonehttps://github.com/NyxByt3/CVE-2009-2265POC Details
12Nonehttps://github.com/h3xcr4ck3r/CVE-2009-2265POC Details
13Nonehttps://github.com/n3rdh4x0r/CVE-2009-2265POC Details
14Adobe ColdFusion 8 - Remote Command Execution (RCE)https://github.com/0xDTC/Adobe-ColdFusion-8-RCE-CVE-2009-2265POC Details
15ColdFusion 8.0.1 - Arbitrary File Upload to RCEhttps://github.com/banomaly/CVE-2009-2265POC Details
16Nonehttps://github.com/h3x0v3rl0rd/CVE-2009-2265POC Details
17A Rust implementation of the POC for the CVE-2009-2265 exploit, targeting Adobe ColdFusion 8.https://github.com/nika0x38/CVE-2009-2265POC Details
18posix sh poc for CVE-2009-2265 (deps: curl,msfvenom,uuidgen,tr)https://github.com/matesz44/CVE-2009-2265POC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2009-2265

Please Login to view more intelligence information

Same Patch Batch · n/a · 2009-07-05 · 28 CVEs total

CVE-2009-2320Axesstel MV 410R输入检查绕过安全漏洞
CVE-2009-2333CMS Chainuk 路径遍历漏洞
CVE-2009-2332Cms.Tut.Su CMS Chainuk 'index.php,admin_delete.php'信息泄露漏洞
CVE-2009-2331Cms.Tut.Su CMS Chainuk多个静态代码注入漏洞
CVE-2009-2330Cms.Tut.Su CMS Chainuk 'admin_menu.php'跨站脚本攻击漏洞
CVE-2009-2329KerviNet kervinet_forum 信息泄露漏洞
CVE-2009-2328KerviNet kervinet_forum 'edit_user.php'授权问题漏洞
CVE-2009-2327KerviNet kervinet_forum 'add_voting.php'跨站脚本攻击漏洞
CVE-2009-2326KerviNet kervinet_forum 'index.php,message.php' SQL注入漏洞
CVE-2009-2325clicknet cms 'index.php'路径游历漏洞
CVE-2009-2324FCKeditor connectors模块'samples'多个跨站脚本及目录遍历漏洞
CVE-2009-2323Axesstel MV 410R跨站脚本攻击安全漏洞
CVE-2009-2322Axesstel MV 410R 'sysconf.cgi'跨站脚本攻击安全漏洞
CVE-2009-2321Axesstel MV 410R 'sysconf.cgi'拒绝服务攻击安全漏洞
CVE-2007-6727KerviNet Forum topic.php SQL注入漏洞
CVE-2009-2319Axesstel MV 410R 'sysconf.cgi'多个远程安全漏洞
CVE-2009-2318Axesstel MV 410R SYN远程拒绝服务安全漏洞
CVE-2009-2317Axesstel MV 410R弱口令安全漏洞
CVE-2009-2316IBM Tivoli Identity Manager多个跨站脚本漏洞
CVE-2009-2314Sun Lightweight Availability Collection 工具文件覆盖漏洞

Showing top 20 of 28 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2009-2265

No comments yet

Leave a comment