Vulnerabilities > CVE-2006-2532 - SQL-Injection vulnerability in Greg Donald Destiney Rated Images Script 0.5.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
stats.php in Destiney Rated Images Script 0.5.0 allows remote attackers to obtain the installation path via an invalid s parameter, which displays the path in an error message. NOTE: this issue was originally claimed to be SQL injection, but CVE analysis shows that the problem is related to an invalid value that prevents some variables from being set.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |