CVE-2006-1645

Published: 06/04/2006 Updated: 18/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in Anton Vlasov and Rostislav Gaitkuloff ReloadCMS 1.2.5 and previous versions allows remote malicious users to inject arbitrary web script or HTML and gain leverage to execute arbitrary PHP code via the User-Agent HTTP header, which is displayed by admin/modules/general/statistic.php in the administration panel.

Vulnerable Product

reloadcms reloadcms 1.2.5

reloadcms reloadcms 1.2.1

reloadcms reloadcms 1.2.2

reloadcms reloadcms 1.2.3

reloadcms reloadcms 1.2.4

reloadcms reloadcms 1.2.0

reloadcms reloadcms 1.2.0_p1

Exploits

<?php
/*
ReloadCMS <= 125stable Cross site scripting / remote command execution
software site: reloadcmscom/
description: "ReloadCMS is a free CMS written on PHP and based on flat files"
vulnerability: ReloadCMS do not properly sanitize User-Agent request header before to store it in statsdat file
Example of an attack, through ...