Vulnerability Database

296,172

Total vulnerabilities in the database

CVE-2006-1371

Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using (1) manager.php, (2) standalonemanager.php, and (3) images.php.

  • Published: Mar 24, 2006
  • Updated: Apr 13, 2023
  • CVE: CVE-2006-1371
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 9
  • AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

Software From Fixed in
xhp / cms - 0.5.x