Vulnerabilities > CVE-2006-2896 - Security Bypass vulnerability in Funkboard Cf0.71

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
funkboard
exploit available
NVD
Published: 2006-06-07
Updated: 2018-10-18

Summary

profile.php in FunkBoard CF0.71 allows remote attackers to change arbitrary passwords via a modified uid hidden form field in an Edit Profile action.

Vulnerable Configurations

Part Description Count
Application
Funkboard
1

Exploit-Db

descriptionFunkBoard CF0.71 (profile.php) Remote User Pass Change Exploit. CVE-2006-2896. Webapps exploit for php platform
fileexploits/php/webapps/1875.html
idEDB-ID:1875
last seen2016-01-31
modified2006-06-04
platformphp
port
published2006-06-04
reporterajann
sourcehttps://www.exploit-db.com/download/1875/
titleFunkBoard CF0.71 profile.php Remote User Pass Change Exploit
typewebapps

References