CVE-2006-0103

CVE-2006-0103 affects TinyPHPForum 3.6 and earlier. The issue is improper access control that stores the files users/[USERNAME].hash and users/[USERNAME].email under the web root, enabling remote attackers to list registered users and possibly obtain other sensitive information. The NVD entry cor...

CVE-2006-0104

Directory traversal vulnerability in TinyPHPForum 3.6 and earlier allows remote attackers to create a new user account, create a new topic, or view the profile of a user account, as demonstrated via a .. dot dot in the uname parameter to profile.php...

TinyPHPForum 3.6 - Multiple Directory Traversal Vulnerabilities

source: https://www.securityfocus.com/bid/16163/info TinyPHPForum is prone to multiple directory traversal vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to retrieve arbitrary files from...

TinyPHPForum 3.6 - Multiple Directory Traversal Vulnerabilities

TinyPHPForum 3.6 - Multiple Directory Traversal Vulnerabilities source: https://www.securityfocus.com/bid/16163/info TinyPHPForum is prone to multiple directory traversal vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker ca...