Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using (1) manager.php, (2) standalonemanager.php, and (3) images.php.
secunia.com/advisories/19353
www.attrition.org/pipermail/vim/2006-March/000649.html
www.osvdb.org/24058
www.osvdb.org/24059
www.securityfocus.com/bid/17209
www.vupen.com/english/advisories/2006/1052
xhp.targetit.ro/index.php?page=3&box_id=34&action=show_single_entry&post_id=10
exchange.xforce.ibmcloud.com/vulnerabilities/25399
www.exploit-db.com/exploits/1605