CVE-2006-1161

Easy File Sharing EFS Web Server 3.2 - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1161. PoCs published by Revnic Vasile.

AI-analyzed exploit summary The provided text describes multiple input-validation vulnerabilities in Easy File Sharing Web Server, including HTML injection, DoS, and arbitrary file upload. It references a path traversal example but lacks executable exploit code.

Description

Absolute path traversal vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote registered users to execute arbitrary code by uploading a malicious file to the Windows startup folder.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Revnic Vasile · textremotewindows
https://www.exploit-db.com/exploits/27378

The provided text describes multiple input-validation vulnerabilities in Easy File Sharing Web Server, including HTML injection, DoS, and arbitrary file upload. It references a path traversal example but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: Easy File Sharing Web Server
No auth needed
Prerequisites: Network access to the target server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39994
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/23791
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/17046
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/427158/100/0/threaded

Scores

EPSS 0.0278
EPSS Percentile 84.6%

Details

Status published
Products (1)
efs_software/efs_web_server 3.2
Published Mar 12, 2006
Tracked Since Feb 18, 2026