ID CVE-2006-6887
Type cve
Reporter cve@mitre.org
Modified 2010-07-07T04:00:00
Description
Unrestricted file upload vulnerability in logahead UNU 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to plugins/widged/_widged.php (aka the WidgEd plugin), a different vulnerability than CVE-2006-6783. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
{"id": "CVE-2006-6887", "bulletinFamily": "NVD", "title": "CVE-2006-6887", "description": "Unrestricted file upload vulnerability in logahead UNU 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to plugins/widged/_widged.php (aka the WidgEd plugin), a different vulnerability than CVE-2006-6783. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.", "published": "2006-12-31T05:00:00", "modified": "2010-07-07T04:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6887", "reporter": "cve@mitre.org", "references": ["http://secunia.com/advisories/23470"], "cvelist": ["CVE-2006-6887"], "type": "cve", "lastseen": "2019-05-29T18:08:35", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "c52a0fcedd4e5a4fb5b7af6ead52dd9c"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "4f8b20baea61a0acfa61b0bfd96a9fdb"}, {"key": "cpe23", "hash": "7414597e62a7932b1b26517bb2e582e9"}, {"key": "cvelist", "hash": "fbf2df500789e429cff51dd9332694c4"}, {"key": "cvss", "hash": "4cac367be6dd8242802053610be9dee6"}, {"key": "cvss2", "hash": "805c5c751007648306c308e497e20dab"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "697763cf5916ecb521e5a8e56e23f6d3"}, {"key": "description", "hash": "b66bca9edf3adc8f22512213024008a3"}, {"key": "href", "hash": "5dbc7f81b4fb833a5c934bdf4811784a"}, {"key": "modified", "hash": "72f5075f2f7d2f689e717985f3622b03"}, {"key": "published", "hash": "ed57dcc4fb5c911b94ea09eeae1c33f5"}, {"key": "references", "hash": "6c42ddc779746a153a0d36f9bf060ee8"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "e73075fbc3af57485599a82cf25d8cbe"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "bcac2bae09c32d2dfa8094b952528587feb024bc3f0855741c29ddf7b127fac1", "viewCount": 0, "enchantments": {"score": {"value": 7.1, "vector": "NONE", "modified": "2019-05-29T18:08:35"}, "dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:32484"]}], "modified": "2019-05-29T18:08:35"}, "vulnersScore": 7.1}, "objectVersion": "1.3", "cpe": ["cpe:/a:logahead:logahead_unu:1.0"], "affectedSoftware": [{"name": "logahead logahead_unu", "operator": "eq", "version": "1.0"}], "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:logahead:logahead_unu:1.0:*:*:*:*:*:*:*"], "cwe": ["CWE-94"]}
{"osvdb": [{"lastseen": "2017-04-28T13:20:28", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:23470](https://secuniaresearch.flexerasoftware.com/advisories/23470/)\n[Related OSVDB ID: 32483](https://vulners.com/osvdb/OSVDB:32483)\nOther Advisory URL: http://logahead.com/forums/comments.php?DiscussionID=216\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-12/0403.html\n[CVE-2006-6887](https://vulners.com/cve/CVE-2006-6887)\n", "modified": "2006-12-27T06:33:51", "published": "2006-12-27T06:33:51", "href": "https://vulners.com/osvdb/OSVDB:32484", "id": "OSVDB:32484", "title": "logahead UNU Edition plugins/widged/_widged.php Unrestricted File Extension Upload", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}