CVE-2006-6878

Name of the Vulnerable Software and Affected Versions: PHP-Update versions 2.7 and earlier

Description: The issue allows remote attackers to gain privileges by setting the rights[7] parameter to 1 during a login action. This is related to the admin/uploads.php file.

Recommendations: For PHP-Update versions 2.7 and earlier, as a temporary workaround, consider restricting access to the admin/uploads.php file until a patch is available. Avoid using the rights[7] parameter during login actions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.