Lucene search

[email protected]NVD:CVE-2006-7133

HistoryMar 06, 2007 - 1:19 a.m.

CVE-2006-7133

2007-03-0601:19:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

0.017

Percentile

87.9%

JSON

Directory traversal vulnerability in upload/bin/download.php in Upload Tool for PHP 1.0 allows remote attackers to read arbitrary files via (1) “…” sequences or (2) absolute pathnames in the filename parameter.

Affected configurations

Nvd

Node

php_upload_toolphp_upload_toolMatch1.0

VendorProductVersionCPE
php_upload_toolphp_upload_tool1.0cpe:2.3:a:php_upload_tool:php_upload_tool:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
php_upload_tool	php_upload_tool	1.0	cpe:2.3:a:php_upload_tool:php_upload_tool:1.0:::::::*

References

secunia.com/advisories/22973

www.craigheffner.com/security/exploits/upload_tool_php.txt

www.securityfocus.com/bid/21150

www.vupen.com/english/advisories/2006/4575

exchange.xforce.ibmcloud.com/vulnerabilities/30322

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

0.017

Percentile

87.9%

JSON

Related for NVD:CVE-2006-7133

cve1 cvelist1 exploitdb1