{"api_version":"1","generated_at":"2026-04-23T06:53:54+00:00","cve":"CVE-2006-3362","urls":{"html":"https://cve.report/CVE-2006-3362","api":"https://cve.report/api/cve/CVE-2006-3362.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2006-3362","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2006-3362"},"summary":{"title":"CVE-2006-3362","description":"Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension and a trailing extension that is allowed, such as .zip.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2006-07-06 20:05:00","updated_at":"2018-10-18 16:47:00"},"problem_types":["NVD-CWE-Other"],"metrics":[],"references":[{"url":"https://www.exploit-db.com/exploits/1964","name":"1964","refsource":"EXPLOIT-DB","tags":[],"title":"GeekLog <= 1.4.0sr3 f(u)ckeditor Remote Code Execution Exploit","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/27469","name":"geeklog-multiple-scripts-file-include(27469)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/21117","name":"21117","refsource":"SECUNIA","tags":["Vendor Advisory"],"title":"Secunia - Advisories - toendaCMS connector.php File Upload Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/440423/100/0/threaded","name":"20060717 ToendaCMS <= 1.0.0 arbitrary file upload","refsource":"BUGTRAQ","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2006/2868","name":"ADV-2006-2868","refsource":"VUPEN","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.exploit-db.com/exploits/6344","name":"6344","refsource":"EXPLOIT-DB","tags":[],"title":"WeBid 0.5.4 (fckeditor) Remote Arbitrary File Upload Exploit","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/18767","name":"18767","refsource":"BID","tags":["Exploit"],"title":"Geeklog Connector.PHP Arbitrary File Upload Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.geeklog.net/article.php/exploit-for-fckeditor-filemanager","name":"http://www.geeklog.net/article.php/exploit-for-fckeditor-filemanager","refsource":"CONFIRM","tags":[],"title":"Geeklog - Exploit for FCKeditor's mcpuk file manager","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/30950","name":"30950","refsource":"BID","tags":[],"title":"WeBid 'config.php' Arbitrary File Upload Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://retrogod.altervista.org/toenda_100_shizouka_xpl.html","name":"http://retrogod.altervista.org/toenda_100_shizouka_xpl.html","refsource":"MISC","tags":["Exploit"],"title":"Error 404 :(","mime":"text/plain","httpstatus":"404","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/27494","name":"geeklog-connector-file-upload(27494)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2006/2611","name":"ADV-2006-2611","refsource":"VUPEN","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/20886","name":"20886","refsource":"SECUNIA","tags":["Patch","Vendor Advisory"],"title":"Geeklog \"connector.php\" File Upload Vulnerability - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/19072","name":"19072","refsource":"BID","tags":["Exploit"],"title":"ToendaCMS Connector.PHP Arbitrary File Upload Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/27799","name":"toendacms-connector-file-upload(27799)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.geeklog.net/article.php/geeklog-1.4.0sr4","name":"http://www.geeklog.net/article.php/geeklog-1.4.0sr4","refsource":"CONFIRM","tags":[],"title":"Geeklog - Geeklog 1.4.0sr4","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.exploit-db.com/exploits/2035","name":"2035","refsource":"EXPLOIT-DB","tags":[],"title":"ToendaCMS 1.0.0 - 'FCKeditor' Arbitrary File Upload - PHP webapps Exploit","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2006-3362","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-3362","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"geeklog","cpe5":"geeklog","cpe6":"1.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"geeklog","cpe5":"geeklog","cpe6":"1.4.0_sr1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"geeklog","cpe5":"geeklog","cpe6":"1.4.0_sr2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"geeklog","cpe5":"geeklog","cpe6":"1.4.0_sr3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"geeklog","cpe5":"geeklog","cpe6":"1.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"geeklog","cpe5":"geeklog","cpe6":"1.4.0_sr1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"geeklog","cpe5":"geeklog","cpe6":"1.4.0_sr2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"geeklog","cpe5":"geeklog","cpe6":"1.4.0_sr3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"toenda_software_development","cpe5":"toendacms","cpe6":"0.6.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"toenda_software_development","cpe5":"toendacms","cpe6":"0.6.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"toenda_software_development","cpe5":"toendacms","cpe6":"0.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"toenda_software_development","cpe5":"toendacms","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"toenda_software_development","cpe5":"toendacms","cpe6":"0.6.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"toenda_software_development","cpe5":"toendacms","cpe6":"0.6.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"toenda_software_development","cpe5":"toendacms","cpe6":"0.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"3362","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"toenda_software_development","cpe5":"toendacms","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2006-3362","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension and a trailing extension that is allowed, such as .zip."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"19072","refsource":"BID","url":"http://www.securityfocus.com/bid/19072"},{"name":"18767","refsource":"BID","url":"http://www.securityfocus.com/bid/18767"},{"name":"30950","refsource":"BID","url":"http://www.securityfocus.com/bid/30950"},{"name":"http://www.geeklog.net/article.php/geeklog-1.4.0sr4","refsource":"CONFIRM","url":"http://www.geeklog.net/article.php/geeklog-1.4.0sr4"},{"name":"geeklog-multiple-scripts-file-include(27469)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/27469"},{"name":"toendacms-connector-file-upload(27799)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/27799"},{"name":"http://www.geeklog.net/article.php/exploit-for-fckeditor-filemanager","refsource":"CONFIRM","url":"http://www.geeklog.net/article.php/exploit-for-fckeditor-filemanager"},{"name":"ADV-2006-2868","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/2868"},{"name":"6344","refsource":"EXPLOIT-DB","url":"https://www.exploit-db.com/exploits/6344"},{"name":"2035","refsource":"EXPLOIT-DB","url":"https://www.exploit-db.com/exploits/2035"},{"name":"1964","refsource":"EXPLOIT-DB","url":"https://www.exploit-db.com/exploits/1964"},{"name":"20886","refsource":"SECUNIA","url":"http://secunia.com/advisories/20886"},{"name":"geeklog-connector-file-upload(27494)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/27494"},{"name":"20060717 ToendaCMS <= 1.0.0 arbitrary file upload","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/440423/100/0/threaded"},{"name":"21117","refsource":"SECUNIA","url":"http://secunia.com/advisories/21117"},{"name":"http://retrogod.altervista.org/toenda_100_shizouka_xpl.html","refsource":"MISC","url":"http://retrogod.altervista.org/toenda_100_shizouka_xpl.html"},{"name":"ADV-2006-2611","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/2611"}]}},"nvd":{"publishedDate":"2006-07-06 20:05:00","lastModifiedDate":"2018-10-18 16:47:00","problem_types":["NVD-CWE-Other"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":5.1},"severity":"MEDIUM","exploitabilityScore":4.9,"impactScore":6.4,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:geeklog:geeklog:1.4.0_sr1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:geeklog:geeklog:1.4.0_sr2:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:toenda_software_development:toendacms:0.6.2:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:geeklog:geeklog:1.4.0_sr3:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:geeklog:geeklog:1.4.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:toenda_software_development:toendacms:0.7:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:toenda_software_development:toendacms:0.6.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:toenda_software_development:toendacms:1.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2006","CveId":"3362","Ordinal":"18687","Title":"CVE-2006-3362","CVE":"CVE-2006-3362","Year":"2006"},"notes":[{"CveYear":"2006","CveId":"3362","Ordinal":"1","NoteData":"Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension and a trailing extension that is allowed, such as .zip.","Type":"Description","Title":null},{"CveYear":"2006","CveId":"3362","Ordinal":"2","NoteData":"2006-07-06","Type":"Other","Title":"Published"},{"CveYear":"2006","CveId":"3362","Ordinal":"3","NoteData":"2018-10-18","Type":"Other","Title":"Modified"}]}}}