CVE-2006-2896
FunkBoard CF0.71 - Unauthenticated Arbitrary Password Change via Profile Edit UID Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-2896. PoCs published by ajann.
AI-analyzed exploit summary This HTML form exploits CVE-2006-2896, a vulnerability in profile.php that allows arbitrary file uploads by manipulating the form action. The PoC demonstrates how an attacker can bypass restrictions to upload malicious files.
Description
profile.php in FunkBoard CF0.71 allows remote attackers to change arbitrary passwords via a modified uid hidden form field in an Edit Profile action.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by ajann · htmlwebappsphp
https://www.exploit-db.com/exploits/1875
This HTML form exploits CVE-2006-2896, a vulnerability in profile.php that allows arbitrary file uploads by manipulating the form action. The PoC demonstrates how an attacker can bypass restrictions to upload malicious files.
Classification
Working Poc 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target:
profile.php (specific version not specified)
Auth required
Prerequisites:
Access to the vulnerable profile.php page · Valid user credentials
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (7)
Core 7
Core References
Various Sources x_refsource_confirm
http://www.funkboard.co.uk/forum/thread.php?id=302
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/1875
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/26912
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/1066
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/435987/100/0/threaded
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2158
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20433
Scores
EPSS
0.0919
EPSS Percentile
94.7%
Details
Status
published
Products (1)
funkboard/funkboard
cf0.71
Published
Jun 07, 2006
Tracked Since
Feb 18, 2026