5 matches found
CVE-2006-4752
The CVE-2006-4752 entry affects Laurentiu Matei’s eXpandable Home Page (XHP) CMS 0.5.1. The vulnerability arises in the engine module where an invalid action parameter allows remote attackers to obtain the installation path. No exploit details or specific versions beyond 0.5.1 are provided in the...
CVE-2006-4751
Cross-site scripting XSS vulnerability in index.php in Laurentiu Matei eXpandable Home Page XHP CMS 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the errcode parameter...
CVE-2006-4752
Laurentiu Matei eXpandable Home Page XHP CMS 0.5.1 allows remote attackers to obtain the installation path via a query to the engine module, probably with an invalid action parameter...
CVE-2006-1371
Laurentiu Matei eXpandable Home Page XHP CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using 1 manager.php, 2 standalonemanager.php, and 3 images.php...
CVE-2006-1371
CVE-2006-1371 affects XHP CMS