Aggregates CVE and security vulnerability intelligence across all i-rater-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk sql injection and related problems; some flaws may lead to vendor impact data exposure, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2008-6017 | SQL injection vulnerability in messages.php in I-Rater Basic allows remote attackers to execute arbitrary SQL commands via the idp parameter. | [email protected] | 7.5 | 0.48% | 2009-02-02 | 2026-04-23 |
| CVE-2006-2121 | PHP remote file include vulnerability in admin/config_settings.tpl.php in I-RATER Platinum allows remote attackers to execute arbitrary code via a URL in the include_path parameter. NOTE: this is a different vector, and possibly a different vulnerability, than CVE-2006-1929. | [email protected] | 5.0 | 6.95% | 2006-05-01 | 2026-04-16 |
| CVE-2006-1929 | PHP remote file inclusion vulnerability in include/common.php in I-Rater Platinum allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | [email protected] | 5.0 | 12.30% | 2006-04-20 | 2026-04-16 |