CVE-2006-4751

Laurentiu Matei XHP CMS 0.5.1 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in index.php in Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the errcode parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by HACKERS PAL · textwebappsphp

https://www.exploit-db.com/exploits/28509

View Code ZIP pw:eip

References (7)

[Vendor Advisory] http://secunia.com/advisories/21877

[Exploit] http://securitytracker.com/id?1016823

[Exploit] http://www.securityfocus.com/bid/19948

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/28860

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/445727/100/0/threaded

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/3560

[Third Party Advisory] http://securityreason.com/securityalert/1565

Scores

EPSS 0.0764

EPSS Percentile 91.7%

Classification

Status draft

Affected Products (1)

laurentiu_matei/expandable_home_page_cms

Timeline

Published Sep 13, 2006

Tracked Since Feb 18, 2026