Vulnerabilities > CVE-2006-7134 - Arbitrary File Upload and Directory Traversal vulnerability in Noah Spurrier Upload Tool for PHP 1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unrestricted file upload vulnerability in main_user.php in Upload Tool for PHP 1.0 allows remote attackers to upload and execute arbitrary files with executable extensions such as .php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Successful exploitation requires valid user credentials.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |