PT-2006-7382 · Unknown · Logahead Unu
Corryl
·
Published
2006-12-28
·
Updated
2018-10-17
·
CVE-2006-6783
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
logahead UNU version 1.0 before 20061226
Description:
The issue allows remote attackers to upload arbitrary files via unspecified vectors related to plugins/widged/ widged.php, possibly because of an authentication bypass.
Recommendations:
For logahead UNU version 1.0 before 20061226, consider restricting access to the plugins/widged/ widged.php file until a fix is available. As a temporary workaround, review and strengthen authentication mechanisms to prevent bypass.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Logahead Unu