CVE-2006-2739
Epicdesigns tinyBB < 0.3 - Remote File Inclusion via tinybb_footers Parameter
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-2739.
AI-analyzed exploit summary
The exploit demonstrates multiple vulnerabilities in tinyBB <= 0.3, including remote file inclusion (RFI) via the 'tinybb_footers' parameter, local file inclusion (LFI) via null byte injection, and SQL injection via the 'username' parameter in login.php. The RFI and LFI allow arbitrary file inclusion, while the SQL injection can bypass authentication.
Description
PHP remote file inclusion vulnerability in footers.php in Epicdesigns tinyBB 0.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the tinybb_footers parameter.