← back
CVE-2006-2896

CVE-2006-2896

EPSS 9.2%
profile.php in FunkBoard CF0.71 allows remote attackers to change arbitrary passwords via a modified uid hidden form field in an Edit Profile action.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/1875unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/20433http://securityreason.com/securityalert/1066https://exchange.xforce.ibmcloud.com/vulnerabilities/26912https://www.exploit-db.com/exploits/1875http://www.funkboard.co.uk/forum/thread.php?id=302http://www.securityfocus.com/archive/1/435987/100/0/threadedhttp://www.vupen.com/english/advisories/2006/2158