Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invision power services invision power board vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-8897
Invision Power Services (IPS) Community Suite 4.1.19.2 and previous versions has pre-auth reflected XSS in the IPS UTF8 Converter v1.1.18: admin/convertutf8/index.php?controller= is the attack vector. This UTF8 Converter vulnerability can easily be used to make a malicious announ...
Invisioncommunity Invision Power Board
7.5
CVSSv2
CVE-2017-8898
Invision Power Services (IPS) Community Suite 4.1.19.2 and previous versions has stored XSS in the Announcements, allowing privilege escalation from an Invision Power Board moderator to an admin. An attack uses the announce_content parameter in an index.php?/modcp/announcements/&...
Invisioncommunity Invision Power Board
6.8
CVSSv2
CVE-2017-8899
Invision Power Services (IPS) Community Suite 4.1.19.2 and previous versions has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP. This can be triggered by any Invision Power Board user and can be used to gain access to moder...
Invisioncommunity Invision Power Board
4.3
CVSSv2
CVE-2016-2564
Invision Power Services (IPS) Community Suite prior to 4.1.9 makes session hijack easier by relying on the PHP uniqid function without the more_entropy flag. Attackers can guess an Invision Power Board session cookie if they can predict the exact time of cookie generation.
Invisioncommunity Invision Power Board
6.8
CVSSv2
CVE-2016-6174
applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) prior to 4.1.13, when used with PHP prior to 5.4.24 or 5.5.x prior to 5.5.8, allows remote malicious users to execute arbitrary code v...
Invisioncommunity Invision Power Board
Php Php 5.5.2
Php Php 5.5.1
Php Php 5.5.0
Php Php 5.5.7
Php Php 5.5.6
Php Php 5.5.5
Php Php 5.5.4
Php Php 5.5.3
Php Php
1 EDB exploit
7.8
CVSSv2
CVE-2015-6812
Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) prior to 4.0.12.1 allows remote malicious users to cause a denial of service (loop and memory consumption) via a crafted URL.
Invisioncommunity Invision Power Board
3.5
CVSSv2
CVE-2015-6810
Cross-site scripting (XSS) vulnerability in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) 4.x prior to 4.0.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the event_location[address] array parameter t...
Invisionpower Invision Power Board 4.0.2
Invisionpower Invision Power Board 4.0.3
Invisionpower Invision Power Board 4.0.4
Invisionpower Invision Power Board 4.0.5.1
Invisionpower Invision Power Board 4.0.9.2
Invisionpower Invision Power Board 4.0.10.2
Invisionpower Invision Power Board 4.0.11
Invisionpower Invision Power Board 4.0.12
Invisionpower Invision Power Board 4.0.0
Invisionpower Invision Power Board 4.0.7
Invisionpower Invision Power Board 4.0.8.1
Invisionpower Invision Power Board 4.0.1
Invisionpower Invision Power Board 4.0.6.1
Invisionpower Invision Power Board 4.0.8
1 EDB exploit
4.3
CVSSv2
CVE-2008-6565
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via an IFRAME tag in the signature.
Invision Power Services Invision Power Board 2.3
Invision Power Services Invision Power Board 1.0.3
Invision Power Services Invision Power Board 1.2
Invision Power Services Invision Power Board 2.0.3
Invision Power Services Invision Power Board 2.0.0
Invision Power Services Invision Power Board 2.1.5 2006-03-08
Invision Power Services Invision Power Board 2.1.5
Invision Power Services Invision Power Board 2.1 Beta3
Invision Power Services Invision Power Board 2.1 Beta2
Invision Power Services Invision Power Board 2.2.2
Invision Power Services Invision Power Board 2.2.1
Invision Power Services Invision Power Board
Invision Power Services Invision Power Board 1.3 Final
Invision Power Services Invision Power Board 1.0.1
Invision Power Services Invision Power Board 2.0 Pf1
Invision Power Services Invision Power Board 2.0 Alpha3
Invision Power Services Invision Power Board 2.1.2
Invision Power Services Invision Power Board 2.0 Pf2
Invision Power Services Invision Power Board 2.1
Invision Power Services Invision Power Board 2.1.5 2006-04-25
Invision Power Services Invision Power Board 2.1.x
Invision Power Services Invision Power Board 2.1.7
1 EDB exploit
7.5
CVSSv2
CVE-2008-4171
SQL injection vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x allows remote malicious users to execute arbitrary SQL commands via the name parameter.
Invision Power Services Invision Power Board 2.2
Invision Power Services Invision Power Board 2.3
4.3
CVSSv2
CVE-2008-1359
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 prior to 2008-03-13 allows remote malicious users to inject arbitrary web script or HTML via nested BBCodes, a different vector than CVE-2008-0913.
Invision Power Services Invision Power Board
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »