CVE-2006-5986

Name of the Vulnerable Software and Affected Versions Extreme CMS version 0.9 and possibly earlier

Description The issue allows remote attackers to conduct unauthorized activities due to a lack of authentication requirement in the admin/options.php file. This can potentially be combined with another vulnerability to expand the scope of a cross-site scripting (XSS) attack without authentication.

Recommendations For Extreme CMS version 0.9 and possibly earlier, consider implementing proper authentication mechanisms for the admin/options.php file to prevent unauthorized access. As a temporary workaround, restrict access to the admin/options.php file until a proper fix is applied.