Lucene search

K
cveMitreCVE-2006-6887
HistoryOct 03, 2022 - 4:21 p.m.

CVE-2006-6887

2022-10-0316:21:23
CWE-94
mitre
web.nvd.nist.gov
22
cve-2006-6887
unrestricted file upload
logahead unu 1.0
remote attack
arbitrary php code
widged plugin

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.128

Percentile

95.5%

Unrestricted file upload vulnerability in logahead UNU 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to plugins/widged/_widged.php (aka the WidgEd plugin), a different vulnerability than CVE-2006-6783. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

Nvd
Node
logaheadlogahead_unuMatch1.0
VendorProductVersionCPE
logaheadlogahead_unu1.0cpe:/a:logahead:logahead_unu:1.0:::

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.128

Percentile

95.5%

Related for CVE-2006-6887