{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2019-25709", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-12T12:14:33.041Z", "datePublished": "2026-04-12T12:28:54.207Z", "dateUpdated": "2026-04-15T15:24:31.713Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-12T12:28:54.207Z"}, "title": "CF Image Hosting Script 1.6.5 Unauthorized Database Access", "descriptions": [{"lang": "en", "value": "CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the application database by accessing the imgdb.db file in the upload/data directory. Attackers can extract delete IDs stored in plaintext from the deserialized database and use them to delete all pictures via the d parameter."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Files or Directories Accessible to External Parties", "cweId": "CWE-552", "type": "CWE"}]}], "affected": [{"vendor": "Davidtavarez", "product": "CF Image Hosting Script", "versions": [{"version": "1.6.5", "status": "affected"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:scripteen:free_image_hosting_script:1.6.5:*:*:*:*:*:*:*"}]}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/46094", "name": "ExploitDB-46094", "tags": ["exploit"]}, {"url": "https://davidtavarez.github.io/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "http://forum.codefuture.co.uk/showthread.php?tid=73141", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: CF Image Hosting Script 1.6.5 Unauthorized Database Access", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/cf-image-hosting-script-unauthorized-database-access"}], "credits": [{"lang": "en", "value": "David Tavarez", "type": "finder"}], "x_generator": {"engine": "vulncheck"}, "datePublic": "2019-01-08T00:00:00.000Z"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-15T15:24:21.758399Z", "id": "CVE-2019-25709", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T15:24:31.713Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-25709", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-15T15:24:21.758399Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T15:24:27.764Z"}}], "cna": {"title": "CF Image Hosting Script 1.6.5 Unauthorized Database Access", "credits": [{"lang": "en", "type": "finder", "value": "David Tavarez"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Davidtavarez", "product": "CF Image Hosting Script", "versions": [{"status": "affected", "version": "1.6.5"}]}], "datePublic": "2019-01-08T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/46094", "name": "ExploitDB-46094", "tags": ["exploit"]}, {"url": "https://davidtavarez.github.io/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "http://forum.codefuture.co.uk/showthread.php?tid=73141", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/cf-image-hosting-script-unauthorized-database-access", "name": "VulnCheck Advisory: CF Image Hosting Script 1.6.5 Unauthorized Database Access", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the application database by accessing the imgdb.db file in the upload/data directory. Attackers can extract delete IDs stored in plaintext from the deserialized database and use them to delete all pictures via the d parameter."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-552", "description": "Files or Directories Accessible to External Parties"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:scripteen:free_image_hosting_script:1.6.5:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-12T12:28:54.207Z"}}}, "cveMetadata": {"cveId": "CVE-2019-25709", "state": "PUBLISHED", "dateUpdated": "2026-04-15T15:24:31.713Z", "dateReserved": "2026-04-12T12:14:33.041Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-04-12T12:28:54.207Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:codefuture:image_hosting_script:1.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "2B9AB1CF-2F75-4C68-8293-BCA76D664C93", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the application database by accessing the imgdb.db file in the upload/data directory. Attackers can extract delete IDs stored in plaintext from the deserialized database and use them to delete all pictures via the d parameter."}], "id": "CVE-2019-25709", "lastModified": "2026-04-23T20:22:37.493", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-12T13:16:33.950", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Broken Link"], "url": "http://forum.codefuture.co.uk/showthread.php?tid=73141"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://davidtavarez.github.io/"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/46094"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/cf-image-hosting-script-unauthorized-database-access"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-552"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.6.5"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "CF Image Hosting Script", "source": "cna", "vendor": "Davidtavarez"}, "product": "free_image_hosting_script", "vendor": "scripteen"}], "analysis": {"en": {"generated_at": "2026-04-12T13:21:32.604652+00:00", "value": {"mitigation_remediation": ["Check the vendor's website for a patch or newer version of the CF Image Hosting Script and apply it immediately."], "summary": {"action": "Patch Now", "impact": "Data theft and loss, exposing database and allowing deletion of all images"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the CF Image Hosting Script developed by Davidtavarez, version 1.6.5. No further version details are supplied by the CNA, but the CPE indicates only this specific release is impacted.", "description_and_impact": "CF Image Hosting Script 1.6.5 contains a flaw that allows any user on the Internet to download the application's SQLite database file (imgdb.db) from the upload/data directory without authentication. The database can then be decoded to reveal delete identifiers stored in plain text. With these identifiers, an attacker can invoke the delete handler via the d parameter and remove every picture stored by the application, effectively causing a denial of service and loss of user content.", "risk_and_exploitability": "The flaw scores a 9.3 on CVSS, indicating high severity. EPSS data is not available and the issue is not listed in CISA's KEV catalog. The likely attack vector is remote unauthenticated HTTP access to a publicly readable file, so any web user can exploit it without credentials or special conditions."}}}}, "created": "2026-04-13T12:38:22.894261+00:00", "updated": "2026-04-13T12:55:48.537005+00:00", "vendors": ["scripteen", "scripteen$PRODUCT$free_image_hosting_script"]}