RSS   Vulnerabilities for 'CMS'   RSS

2006-03-23
 
CVE-2006-1371

CWE-94
 

 
Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using (1) manager.php, (2) standalonemanager.php, and (3) images.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top