Phpprofiles: >> Phpprofiles >> 2.1.0 Security Vulnerabilities
phpProfiles before 2.1.1 uses world writable permissions for certain profile files and directories, which allows local users to modify or delete files, related to (1) users/include/do_makeprofile.inc.php and (2) users/include/copy.inc.php.
CVSS Score
4.6
EPSS Score
0.001
Published
2006-12-26
phpProfiles before 2.1.1 does not have an index.php or other index file in the (1) image_data, (2) graphics/comm, or (3) users read/write directories, which might allow remote attackers to list directory contents or have other unknown impacts.
CVSS Score
2.1
EPSS Score
0.001
Published
2006-12-26