CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 2CVE-2006-7133 – PHP Upload Tool 1.0 - Arbitrary File Upload / Directory Traversal
https://notcve.org/view.php?id=CVE-2006-7133
Directory traversal vulnerability in upload/bin/download.php in Upload Tool for PHP 1.0 allows remote attackers to read arbitrary files via (1) ".." sequences or (2) absolute pathnames in the filename parameter. Vulnerabilidad de salto de directorio en upload/bind/download.php de Upload Tool for PHP 1.0 permite a atacantes remotos leer archivos de su elección mediante (1) secuencias .. (punto punto) o (2) nombres de ruta absolutos en el parámetro filename. • https://www.exploit-db.com/exploits/29072 http://secunia.com/advisories/22973 http://www.craigheffner.com/security/exploits/upload_tool_php.txt http://www.securityfocus.com/bid/21150 http://www.vupen.com/english/advisories/2006/4575 https://exchange.xforce.ibmcloud.com/vulnerabilities/30322 •