Security Advisory
CVE-2006-6743
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
phpProfiles before 2.1.1 uses world writable permissions for certain profile files and directories, which allows local users to modify or delete files, related to (1) users/include/do_makeprofile.inc.php and (2) users/include/copy.inc.php.