Vulnerabilities > CVE-2006-0104 - Directory Traversal vulnerability in TinyPHPForum
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Directory traversal vulnerability in TinyPHPForum 3.6 and earlier allows remote attackers to create a new user account, create a new topic, or view the profile of a user account, as demonstrated via a .. (dot dot) in the uname parameter to profile.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 7 |
References
- http://evuln.com/vulns/14/exploit.html
- http://evuln.com/vulns/14/summary.html
- http://secunia.com/advisories/18293
- http://securityreason.com/securityalert/320
- http://securitytracker.com/id?1015436
- http://www.osvdb.org/22258
- http://www.securityfocus.com/archive/1/420933/100/0/threaded
- http://www.securityfocus.com/bid/16163
- http://www.vupen.com/english/advisories/2006/0054