CVE-2006-7082
Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers to bypass authentication and upload arbitrary files via direct requests to (1) adm/photos/images.php and (2) adm/down/files.php.
Date published : 2007-02-27
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048006.html