Re: 12All File Upload Vulnerability

FCKEditor fixed in version 4.54. User needed to be logged in as an ADMIN user to be able to use this vulnerability.

12All File Upload Vulnerability

Author: John McGuire Company: ActiveCampaign Product: 1-2-All Version: 4.5x - 4.53.13 Flaw: Arbitrary File Upload Vendor Notified: Yes Patch Available: Yes Patch Location: http://www.activecampaign.com/support/forum/showthread.php?t=3293 URL: http://{12All_Location}/admin/functions/editor/edi