Lucene search

[email protected]NVD:CVE-2006-1371

HistoryMar 23, 2006 - 11:06 p.m.

CVE-2006-1371

2006-03-2323:06:00

CWE-94

[email protected]

web.nvd.nist.gov

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.032 Low

EPSS

Percentile

91.2%

JSON

Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using (1) manager.php, (2) standalonemanager.php, and (3) images.php.

Affected configurations

NVD

Node

xhpcmsRange≤0.5

References

secunia.com/advisories/19353

www.attrition.org/pipermail/vim/2006-March/000649.html

www.osvdb.org/24058

www.osvdb.org/24059

www.securityfocus.com/bid/17209

www.vupen.com/english/advisories/2006/1052

xhp.targetit.ro/index.php?page=3&box_id=34&action=show_single_entry&post_id=10

exchange.xforce.ibmcloud.com/vulnerabilities/25399

www.exploit-db.com/exploits/1605

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.032 Low

EPSS

Percentile

91.2%

JSON

Related for NVD:CVE-2006-1371

openvas2 prion1 cvelist1 cve1