Spaw and FCKeditor Vulnerability Reports

check this often to be informed about any security problem that was reported.
Post Reply
User avatar
Oliver Georgi
Site Admin
Posts: 9560
Joined: Fri 3. Oct 2003, 22:22
Location: Moscow, Russia
Contact:

Spaw and FCKeditor Vulnerability Reports

Post by Oliver Georgi » Mon 1. Oct 2007, 09:24

Notice: This is no phpwcms specific problem!

Hi friends,

I have seen that there are still attacks against Spaw and FCKeditor - so this is just a warning. There might be possible security problems for older releases of Spaw and/or FCKeditor. So please check again that you use most current releases of phpwcms or fix it yourself.

http://secunia.com/product/2635/?task=advisories
http://secunia.com/product/7973/?task=advisories

WYSIWYG editors are located at:
Spaw 1.x: include/inc_ext/spaw
Spaw 2.x: include/inc_ext/spaw2
FCKeditor: include/inc_ext/fckeditor

If you have an upgraded release including Spaw2 delete Spaw1!

Current releases of phpwcms have patched versions included and also some more security checks inside - but nobody is perfect.

Oliver
Oliver Georgi | phpwcms Developer | GitHub | LinkedIn | Систрон

Post Reply