CVE-2006-4584

Name of the Vulnerable Software and Affected Versions Tr Forum version 2.0

Description The issue allows remote attackers to bypass authentication and add an administrative account. This is achieved by manipulating the login and password parameters to the "admin/insert admin.php" endpoint.

Recommendations For Tr Forum version 2.0, consider restricting access to the "admin/insert admin.php" endpoint until a patch is available. As a temporary workaround, avoid using the login and password parameters in this endpoint to minimize the risk of exploitation.