With FCKeditor you can hack a site without problems if folder permissions are not well configured.
http://www.fckeditor.net/FCKeditor/edit ... rverPath=/
Here you can see all site, and if your web server have write permissions you can upload files. If some one uploads a php file to some server with write permisions like this.... <? rm -R -f * ?>