CVE-2006-7063

tinyphpforum < 3.6 - Directory Traversal and Arbitrary File Execution via Profile UName Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-7063. PoCs published by Hessam-x.

AI-analyzed exploit summary This exploit targets a path traversal and PHP code injection vulnerability in TinyPHP forum <= 3.6. It injects malicious PHP code into Apache log files via HTTP headers and then executes arbitrary commands by including the log file through the vulnerable profile.php script.

Description

Directory traversal vulnerability in profile.php in TinyPHPforum 3.6 and earlier allows remote attackers to include and execute arbitrary files via ".." sequences in the uname parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Hessam-x · perlwebappsphp
https://www.exploit-db.com/exploits/1857

This exploit targets a path traversal and PHP code injection vulnerability in TinyPHP forum <= 3.6. It injects malicious PHP code into Apache log files via HTTP headers and then executes arbitrary commands by including the log file through the vulnerable profile.php script.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: TinyPHP forum <= 3.6
No auth needed
Prerequisites: Target must be running TinyPHP forum <= 3.6 · Apache log files must be writable and accessible via path traversal · Target must allow outbound connections to attacker
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/18304
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/26881
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/1857

Scores

EPSS 0.0229
EPSS Percentile 80.9%

Details

Status published
Products (1)
tinyphpforum/tinyphpforum < 3.6
Published Feb 24, 2007
Tracked Since Feb 18, 2026