CVE-2006-7134

Upload Tool for PHP 1.0 - Unauthenticated Arbitrary File Upload via main_user.php

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-7134. PoCs published by Craig Heffner.

AI-analyzed exploit summary: The exploit describes an information disclosure vulnerability in HTTP Upload Tool For PHP 1.0, where the download.php file allows unauthenticated users to read arbitrary files due to lack of input validation. The vulnerability is demonstrated via directory traversal attacks to access sensitive files like users.conf or /etc/passwd.

Description

Unrestricted file upload vulnerability in main_user.php in Upload Tool for PHP 1.0 allows remote attackers to upload and execute arbitrary files with executable extensions such as .php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Craig Heffner · text · webapps · php
https://www.exploit-db.com/exploits/2791

Classification: Writeup 100%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: HTTP Upload Tool For PHP 1.0
No auth needed
Prerequisites: access to the download.php endpoint
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22973
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21150
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4575
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30365

Scores

EPSS 0.0341
EPSS Percentile 87.3%

Details

Status published
Products (1)
noah_spurrier/upload_tool_for_php 1.0
Published Mar 06, 2007
Tracked Since Feb 18, 2026