Vulnerabilities > CVE-2006-5597 - Authentication Bypass vulnerability in Minihttp web Forum File Sharing Sever Powerpack 4.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
minihttp
exploit available

Summary

join.asp in MiniHTTP Web Forum & File Server PowerPack 4.0 allows remote attackers to add or modify arbitrary user accounts via modified (1) frmMailBox and (2) frmUserPass parameters.

Vulnerable Configurations

Part Description Count
Application
Minihttp
1

Exploit-Db

descriptionMiniHttpServer Web Forum & File Sharing Server 4.0 Add User Exploit. CVE-2006-5597. Remote exploit for windows platform
fileexploits/windows/remote/2651.c
idEDB-ID:2651
last seen2016-01-31
modified2006-10-25
platformwindows
port
published2006-10-25
reporterGreg Linares
sourcehttps://www.exploit-db.com/download/2651/
titleMiniHttpServer Web Forum & File Sharing Server 4.0 Add User Exploit
typeremote