← Retour aux CVEs
CVE-2006-1371
N/ADescription
Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using (1) manager.php, (2) standalonemanager.php, and (3) images.php.
Details CVE
Score CVSS v3.1N/A
Publie3/23/2006
Derniere modification4/16/2026
Sourcenvd
Observations honeypot0
Produits affectes
xhp:cms
Faiblesses (CWE)
CWE-94
References
http://secunia.com/advisories/19353(cve@mitre.org)
http://www.osvdb.org/24058(cve@mitre.org)
http://www.osvdb.org/24059(cve@mitre.org)
http://www.securityfocus.com/bid/17209(cve@mitre.org)
http://www.vupen.com/english/advisories/2006/1052(cve@mitre.org)
http://xhp.targetit.ro/index.php?page=3&box_id=34&action=show_single_entry&post_id=10(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25399(cve@mitre.org)
https://www.exploit-db.com/exploits/1605(cve@mitre.org)
http://secunia.com/advisories/19353(af854a3a-2127-422b-91ae-364da2661108)
http://www.attrition.org/pipermail/vim/2006-March/000649.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/24058(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/24059(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/17209(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/1052(af854a3a-2127-422b-91ae-364da2661108)
http://xhp.targetit.ro/index.php?page=3&box_id=34&action=show_single_entry&post_id=10(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25399(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/1605(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.