CVE-2006-5597

MiniHTTP Web Forum & File Server PowerPack 4.0 - RCE

Title source: llm

Description

join.asp in MiniHTTP Web Forum & File Server PowerPack 4.0 allows remote attackers to add or modify arbitrary user accounts via modified (1) frmMailBox and (2) frmUserPass parameters.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Greg Linares · cremotewindows

https://www.exploit-db.com/exploits/2651

View Code ZIP pw:eip

References (5)

[Vendor Advisory] http://secunia.com/advisories/22568

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/2651

[Exploit] http://www.securityfocus.com/bid/20743

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/29826

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/4217

Scores

EPSS 0.0961

EPSS Percentile 92.9%

Details

Status published

Products (1)

minihttp/web_forum_file_sharing_sever_powerpack 4.0

Published Oct 28, 2006

Tracked Since Feb 18, 2026