Vulnerabilities > CVE-2006-6879 - Unspecified vulnerability in PHP-Update
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Unrestricted file upload vulnerability in admin/uploads.php in PHP-Update 2.7 and earlier allows remote authenticated users to upload arbitrary PHP scripts to the gfx/ and files/ directories via the userfile parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description PHP-Update <= 2.7 (admin/uploads.php) Remote Code Execution Exploit. CVE-2006-6878,CVE-2006-6879. Webapps exploit for php platform file exploits/php/webapps/3020.pl id EDB-ID:3020 last seen 2016-01-31 modified 2006-12-26 platform php port published 2006-12-26 reporter undefined1_ source https://www.exploit-db.com/download/3020/ title PHP-Update <= 2.7 admin/uploads.php Remote Code Execution Exploit type webapps description PHP-Update <= 2.7 Multiple Remote Vulnerabilities Exploit. CVE-2006-6879,CVE-2006-6880. Webapps exploit for php platform file exploits/php/webapps/3017.php id EDB-ID:3017 last seen 2016-01-31 modified 2006-12-26 platform php port published 2006-12-26 reporter rgod source https://www.exploit-db.com/download/3017/ title php-update <= 2.7 - Multiple Vulnerabilities Exploit type webapps