CVE-2006-6863
CRITICALEnigma2 < - RCE
Title source: llmDescription
PHP remote file inclusion vulnerability in the Enigma2 plugin (Enigma2.php) in Enigma WordPress Bridge allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. NOTE: CVE disputes this issue, since $boarddir is set to a fixed value
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Mehmet Ince · textwebappsphp
https://www.exploit-db.com/exploits/3051
References (6)
Scores
CVSS v3
9.8
EPSS
0.0556
EPSS Percentile
90.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Classification
Status
draft
Affected Products (1)
enigma/wordpress_bridge
Timeline
Published
Dec 31, 2006
Tracked Since
Feb 18, 2026