Vulnerabilities > CVE-2006-0104 - Unspecified vulnerability in Ralph Capper Tinyphpforum
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Directory traversal vulnerability in TinyPHPForum 3.6 and earlier allows remote attackers to create a new user account, create a new topic, or view the profile of a user account, as demonstrated via a .. (dot dot) in the uname parameter to profile.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 7 |
References
- http://evuln.com/vulns/14/exploit.html
- http://evuln.com/vulns/14/exploit.html
- http://evuln.com/vulns/14/summary.html
- http://evuln.com/vulns/14/summary.html
- http://secunia.com/advisories/18293
- http://secunia.com/advisories/18293
- http://securityreason.com/securityalert/320
- http://securityreason.com/securityalert/320
- http://securitytracker.com/id?1015436
- http://securitytracker.com/id?1015436
- http://www.osvdb.org/22258
- http://www.osvdb.org/22258
- http://www.securityfocus.com/archive/1/420933/100/0/threaded
- http://www.securityfocus.com/archive/1/420933/100/0/threaded
- http://www.securityfocus.com/bid/16163
- http://www.securityfocus.com/bid/16163
- http://www.vupen.com/english/advisories/2006/0054
- http://www.vupen.com/english/advisories/2006/0054