TinyPHPForum Multiple Vulnerabilities

Summary
TinyPHPForum is prone to a directory-traversal vulnerability and to an authentication-bypass vulnerability because it fails to sufficiently sanitize user-supplied input data. A remote attacker can exploit this issue to perform administrative functions without requiring authentication or obtain sensitive information that could aid in further attacks. TinyPHPForum 3.6 and 3.6.1 are vulnerable
References