CVE-2006-4584 : Tr Forum 2.0 allows remote attackers to bypass authentication and add an adminis

Tr Forum 2.0 allows remote attackers to bypass authentication and add an administrative account via the login and password parameters to admin/insert_admin.php.

Published 2006-09-06 22:04:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2006-4584

Tr Forum » Tr Forum » Version: 2.0
cpe:2.3:a:tr_forum:tr_forum:2.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2006-4584

EPSS FAQ

23.74%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 96 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-4584

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2006-4584

https://www.exploit-db.com/exploits/2297

CVEs referencing this url
http://securitytracker.com/id?1016788

CVEs referencing this url
http://acid-root.new.fr/poc/10060903.txt

new.fr is available for purchase - Sedo.com
Exploit

CVEs referencing this url
http://www.securityfocus.com/archive/1/445079/100/0/threaded

CVEs referencing this url
http://secunia.com/advisories/21754

Vendor Advisory

CVEs referencing this url
http://securityreason.com/securityalert/1508

CVEs referencing this url
http://www.osvdb.org/28544
http://www.securityfocus.com/bid/19834

Exploit

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/28754
http://www.vupen.com/english/advisories/2006/3452

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2006-4584

Products affected by CVE-2006-4584

Exploit prediction scoring system (EPSS) score for CVE-2006-4584

CVSS scores for CVE-2006-4584

References for CVE-2006-4584