CVE-2006-2326

high

Description

Directory traversal vulnerability in index.php in OnlyScript.info Online Universal Payment System Script allows remote attackers to read arbitrary files via directory traversal sequences in the read parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/26341

http://www.vupen.com/english/advisories/2006/1704

http://www.securityfocus.com/bid/17889

http://www.osvdb.org/25451

http://secunia.com/advisories/20005

Details

Source: Mitre, NVD

Published: 2006-05-12

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00681