← back
CVE-2009-2265

CVE-2009-2265

EPSS 83.9%◆ VulnCheck KEV
Vexday Risk Score
82Fix now
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
Exploit maturity
Functional exploit
Popular PoC on GitHub (2 stars) — exploitation code widely available.
CVSS EPSS 83.9%KEV nãoPoC públicaNuclei Metasploit simPatch referenciado
Lifecycle
03 Jul 2009Metasploit module available
05 Jul 2009Published on NVD
24 Nov 2010Public PoC
Weaponization speed
506 daysto first PoC
Recommendation: Patch as soon as possible — active exploitation confirmed.
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.