Lucene search

[email protected]CVE-2006-6887

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2006-6887

2022-10-0316:21:23

CWE-94

[email protected]

web.nvd.nist.gov

cve-2006-6887

unrestricted file upload

logahead unu 1.0

remote attack

arbitrary php code

widged plugin

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.128 Low

EPSS

Percentile

95.5%

JSON

Unrestricted file upload vulnerability in logahead UNU 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to plugins/widged/_widged.php (aka the WidgEd plugin), a different vulnerability than CVE-2006-6783. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

logaheadlogahead_unuMatch1.0

CPENameOperatorVersion
logahead:logahead_unulogahead logahead unueq1.0

CPE	Name	Operator	Version
logahead:logahead_unu	logahead logahead unu	eq	1.0

References

secunia.com/advisories/23470

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.128 Low

EPSS

Percentile

95.5%

JSON

Related for CVE-2006-6887

cvelist2 nvd2 cve1