Directory traversal vulnerability in profile.php in TinyPHPforum 3.6 and earlier allows remote attackers to include and execute arbitrary files via ".." sequences in the uname parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 81.2%