CVE-2006-6887

UNU 1.0 - RCE

Title source: llm

Description

Unrestricted file upload vulnerability in logahead UNU 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to plugins/widged/_widged.php (aka the WidgEd plugin), a different vulnerability than CVE-2006-6783. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Exploits (1)

exploitdb WRITEUP VERIFIED

by CorryL · textwebappsphp

https://www.exploit-db.com/exploits/3014

View Code ZIP pw:eip

References (1)

Core 1

Core References

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/23470

Scores

EPSS 0.0297

EPSS Percentile 86.6%

Details

CWE

CWE-94

Status published

Products (1)

logahead/logahead_unu 1.0

Published Dec 31, 2006

Tracked Since Feb 18, 2026