With FCKeditor you can hack a site without problems if folder permissions are not well configured.
http://www.fckeditor.net/FCKeditor/edit ... rverPath=/
Here you can see all site, and if your web server have write permissions you can upload files. If some one uploads a php file to some server with write permisions like this.... <? rm -R -f * ?>
I've searched a server with FCKeditor and php and upload a php file to root directory and execute it (not this script ), you have only to find any site with FCKeditor and php.
(in http://www.fckeditor.net you can only upload to /Public)