CVE-2006-7082

Name of the Vulnerable Software and Affected Versions Rigter Portal System (RPS) versions 1.0 through 3.0

Description The issue allows remote attackers to bypass authentication and upload arbitrary files. This can be achieved via direct requests to API endpoints such as "adm/photos/images.php" and "adm/down/files.php".

Recommendations For versions 1.0 through 3.0, restrict access to the "adm/photos/images.php" and "adm/down/files.php" API endpoints to prevent unauthorized file uploads. Consider implementing proper authentication mechanisms to prevent bypass attacks.