CVE-2006-5787

IPrimal Forums <20061105 - Auth Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-5787. PoCs published by Bl0od3r.

AI-analyzed exploit summary This exploit targets a vulnerability in iPrimal Forums, allowing an attacker to create a new user account with arbitrary credentials by sending a crafted HTTP POST request. The exploit bypasses authentication by directly submitting user details to the admin interface.

Description

admin/index.php in IPrimal Forums as of 20061105 allows remote attackers to bypass authentication and modify user passwords via a direct request, possibly related to an authentication issue in admin/chk_admin.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Bl0od3r · perlwebappsphp

https://www.exploit-db.com/exploits/2731

View Code ZIP pw:eip

This exploit targets a vulnerability in iPrimal Forums, allowing an attacker to create a new user account with arbitrary credentials by sending a crafted HTTP POST request. The exploit bypasses authentication by directly submitting user details to the admin interface.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: iPrimal Forums (version unspecified)

No auth needed

Prerequisites: Network access to the target web application · Knowledge of the target path

MITRE ATT&CK