CVE-2006-0478

Name of the Vulnerable Software and Affected Versions CRE Loaded versions 6.0x through 6.1x

Description The issue allows remote attackers to perform privileged actions, including uploading and creating arbitrary files, via a direct request to "files.php". The vendor encourages users to modify their installations as soon as possible.

Recommendations For CRE Loaded versions 6.0x through 6.1x, apply the patch provided by the vendor to close the vulnerability. As a temporary workaround, consider restricting access to the "files.php" file until the patch is applied.