Описание
Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using (1) manager.php, (2) standalonemanager.php, and (3) images.php.
Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using (1) manager.php, (2) standalonemanager.php, and (3) images.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-1371
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25399
- https://www.exploit-db.com/exploits/1605
- http://secunia.com/advisories/19353
- http://www.attrition.org/pipermail/vim/2006-March/000649.html
- http://www.osvdb.org/24058
- http://www.osvdb.org/24059
- http://www.securityfocus.com/bid/17209
- http://www.vupen.com/english/advisories/2006/1052
- http://xhp.targetit.ro/index.php?page=3&box_id=34&action=show_single_entry&post_id=10
Связанные уязвимости
nvd
почти 20 лет назад
Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using (1) manager.php, (2) standalonemanager.php, and (3) images.php.