CVE-2006-6879
Unrestricted file upload vulnerability CVE-2006-6879 affects PHP-Update 2.7 and earlier. Authenticated users can upload arbitrary PHP scripts via the userfile parameter to gfx/ and files/ directories through admin/uploads.php. The NVD notes a base AV:N/AC:M/Au:S/C:P/I:P/A:P with a medium base sco...