VYPR
Unrated severityNVD Advisory· Published Jan 6, 2006· Updated Jun 16, 2026

CVE-2006-0103

CVE-2006-0103

Description

TinyPHPForum 3.6 and earlier stores the (1) users/[USERNAME].hash and (2) users/[USERNAME].email files under the web root with insufficient access control, which allows remote attackers to list all registered users and possibly obtain other sensitive information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:ralph_capper:tinyphpforum:3.46:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:ralph_capper:tinyphpforum:3.46:*:*:*:*:*:*:*
    • cpe:2.3:a:ralph_capper:tinyphpforum:3.47:*:*:*:*:*:*:*
    • cpe:2.3:a:ralph_capper:tinyphpforum:3.48:*:*:*:*:*:*:*
    • cpe:2.3:a:ralph_capper:tinyphpforum:3.49:*:*:*:*:*:*:*
    • cpe:2.3:a:ralph_capper:tinyphpforum:3.499:*:*:*:*:*:*:*
    • cpe:2.3:a:ralph_capper:tinyphpforum:3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ralph_capper:tinyphpforum:3.6:*:*:*:*:*:*:*
    • (no CPE)range: <=3.6

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.