1 results (0.001 seconds)
CVSS: 9.0EPSS: 14%CPEs: 1EXPL: 2
CVSS: 9.0EPSS: 14%CPEs: 1EXPL: 2CVE-2006-1371 – XHP CMS 0.5 - 'upload' Remote Command Execution
https://notcve.org/view.php?id=CVE-2006-1371
23 Mar 2006 — Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using (1) manager.php, (2) standalonemanager.php, and (3) images.php. • https://www.exploit-db.com/exploits/1605 • CWE-94: Improper Control of Generation of Code ('Code Injection') •