CVE-2006-1209

PHP Advanced Transfer Manager <1.31 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1209. PoCs published by Kacper.

AI-analyzed exploit summary: This exploit leverages a directory traversal vulnerability in PHP Advanced Transfer Manager <= 1.30 to disclose source code by accessing files in the 'users' directory or via the 'viewers' scripts with manipulated 'current_dir' and 'filename' parameters.

Description

PHP Advanced Transfer Manager 1.00 through 1.30 stores sensitive information, including password hashes, under the web root with insufficient access control, which allows remote attackers to download each password hash via a direct request for a users/[USERNAME] file.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Kacper · php · webapps · php
https://www.exploit-db.com/exploits/2968

Classification: Working PoC (90%)
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: PHP Advanced Transfer Manager <= 1.30
No auth needed
Prerequisites: Target application must be accessible · Directory traversal vulnerability must be unpatched
devstral-2 · analyzed Feb 16, 2026

References (7)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/25127
Exploit, URL Repurposed x_refsource_misc
http://www.blogcu.com/Liz0ziM/316652/
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/427216/100/0/threaded
Exploit x_refsource_misc
http://biyosecurity.be/bugs/patm.txt
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/437513/100/200/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/565
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17134

Scores

EPSS 0.0331
EPSS Percentile 87.0%

Details

Status published
Products (8)
bugada_andrea/php_advanced_transfer_manager 1.00
bugada_andrea/php_advanced_transfer_manager 1.01
bugada_andrea/php_advanced_transfer_manager 1.02
bugada_andrea/php_advanced_transfer_manager 1.03
bugada_andrea/php_advanced_transfer_manager 1.20
bugada_andrea/php_advanced_transfer_manager 1.21
bugada_andrea/php_advanced_transfer_manager 1.22
bugada_andrea/php_advanced_transfer_manager 1.30
Published Mar 14, 2006
Tracked Since Feb 18, 2026