CVE-2006-7085

Name of the Vulnerable Software and Affected Versions Rigter Portal System (RPS) versions 1.0 through 3.0

Description The issue allows remote attackers to add arbitrary content and conduct cross-site scripting (XSS) attacks via a direct request to the "add art.php" endpoint. Initially, it was reported as a potential SQL injection issue, but this classification is unlikely.

Recommendations For versions 1.0 through 3.0, consider restricting access to the "add art.php" endpoint until a proper fix is implemented to prevent arbitrary content addition and XSS attacks.