CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-2532

stats.php in Destiney Rated Images Script 0.5.0 allows remote attackers to obtain the installation path via an invalid s parameter, which displays the path in an error message. NOTE: this issue was originally claimed to be SQL injection, but CVE analysis shows that the problem is related to an invalid value that prevents some variables from being set.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.0%

CVSS Severity

CVSS v2 Score 6.4

References

http://securityreason.com/securityalert/940
http://www.securityfocus.com/archive/1/434691/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/26603
http://securityreason.com/securityalert/940
http://www.securityfocus.com/archive/1/434691/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/26603

Products affected by CVE-2006-2532

Greg Donald » Destiney Rated Images Script » Version: 0.5.0

cpe:2.3:a:greg_donald:destiney_rated_images_script:0.5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-2532

Products

Pricing

Contact Us