CVE-2006-6743

Name of the Vulnerable Software and Affected Versions: phpProfiles versions prior to 2.1.1

Description: The issue allows local users to modify or delete files due to world writable permissions for certain profile files and directories. This is related to the files users/include/do makeprofile.inc.php and users/include/copy.inc.php.

Recommendations: For versions prior to 2.1.1, update to version 2.1.1 or later to resolve the issue. As a temporary workaround, consider restricting write access to the affected files and directories, specifically users/include/do makeprofile.inc.php and users/include/copy.inc.php, to prevent unauthorized modifications.