PT-2006-6442 · Rhadrix · Rhadrix If-Cms
Benjamin Moss
+1
·
Published
2006-11-06
·
Updated
2024-02-14
·
CVE-2006-5761
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
Rhadrix If-CMS versions 1.01 through 2.07
Description:
The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the
rns parameter in the index.php file.Recommendations:
For Rhadrix If-CMS versions 1.01 through 2.07, consider restricting access to the index.php file until a patch is available, and avoid using the
rns parameter in the affected endpoint.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Rhadrix If-Cms