Cre Loaded · Cre Loaded · CVE-2006-0478
**Name of the Vulnerable Software and Affected Versions**
CRE Loaded versions 6.0x through 6.1x
**Description**
The issue allows remote attackers to perform privileged actions, including uploading and creating arbitrary files, via a direct request to "files.php". The vendor encourages users to modify their installations as soon as possible.
**Recommendations**
For CRE Loaded versions 6.0x through 6.1x, apply the patch provided by the vendor to close the vulnerability. As a temporary workaround, consider restricting access to the "files.php" file until the patch is applied.