Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invisioncommunity invision power board vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-2564
Invision Power Services (IPS) Community Suite prior to 4.1.9 makes session hijack easier by relying on the PHP uniqid function without the more_entropy flag. Attackers can guess an Invision Power Board session cookie if they can predict the exact time of cookie generation.
Invisioncommunity Invision Power Board
6.8
CVSSv2
CVE-2016-6174
applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) prior to 4.1.13, when used with PHP prior to 5.4.24 or 5.5.x prior to 5.5.8, allows remote malicious users to execute arbitrary code v...
Invisioncommunity Invision Power Board
Php Php 5.5.2
Php Php 5.5.1
Php Php 5.5.0
Php Php 5.5.7
Php Php 5.5.6
Php Php 5.5.5
Php Php 5.5.4
Php Php 5.5.3
Php Php
1 EDB exploit
7.8
CVSSv2
CVE-2015-6812
Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) prior to 4.0.12.1 allows remote malicious users to cause a denial of service (loop and memory consumption) via a crafted URL.
Invisioncommunity Invision Power Board
7.5
CVSSv2
CVE-2014-9239
SQL injection vulnerability in the IPS Connect service (interface/ipsconnect/ipsconnect.php) in Invision Power Board (aka IPB or IP.Board) 3.3.x and 3.4.x up to and including 3.4.7 prior to 20141114 allows remote malicious users to execute arbitrary SQL commands via the id[] para...
Invisioncommunity Invision Power Board 3.3.0
Invisioncommunity Invision Power Board 3.4.0
Invisioncommunity Invision Power Board 3.3.1
Invisioncommunity Invision Power Board 3.3.2
Invisioncommunity Invision Power Board 3.3.3
Invisioncommunity Invision Power Board 3.4.6
Invisionpower Invision Power Board 3.4.7
Invisioncommunity Invision Power Board 3.3.4
Invisioncommunity Invision Power Board 3.4.2
Invisioncommunity Invision Power Board 3.4.4
Invisioncommunity Invision Power Board 3.4.3
Invisioncommunity Invision Power Board 3.4.5
Invisioncommunity Invision Power Board 3.4.1
4.3
CVSSv2
CVE-2014-5106
Cross-site scripting (XSS) vulnerability in Invision Power IP.Board (aka IPB or Power Board) 3.4.x up to and including 3.4.6 allows remote malicious users to inject arbitrary web script or HTML via the HTTP Referer header to admin/install/index.php.
Invisioncommunity Invision Power Board 3.4.0
Invisioncommunity Invision Power Board 3.4.5
Invisioncommunity Invision Power Board 3.4.6
Invisioncommunity Invision Power Board 3.4.1
Invisioncommunity Invision Power Board 3.4.2
Invisioncommunity Invision Power Board 3.4.3
Invisioncommunity Invision Power Board 3.4.4
4.3
CVSSv2
CVE-2014-3149
Cross-site scripting (XSS) vulnerability in Invision Power IP.Board (aka IPB or Power Board) 3.3.x and 3.4.x up to and including 3.4.6, as downloaded prior to 20140424, or IP.Nexus 1.5.x up to and including 1.5.9, as downloaded prior to 20140424, allows remote malicious users to ...
Invisionpower Ip.nexus 1.5.6
Invisionpower Ip.nexus 1.5.5
Invisioncommunity Invision Power Board 3.3.0
Invisioncommunity Invision Power Board 3.3.3
Invisioncommunity Invision Power Board 3.3.4
Invisioncommunity Invision Power Board 3.4.0
Invisioncommunity Invision Power Board 3.4.1
Invisioncommunity Invision Power Board 3.4.2
Invisionpower Ip.nexus 1.5.4
Invisionpower Ip.nexus 1.5.3
Invisioncommunity Invision Power Board 3.4.3
Invisioncommunity Invision Power Board 3.4.4
Invisionpower Ip.nexus 1.5.8
Invisionpower Ip.nexus 1.5.7
Invisionpower Ip.nexus 1.5.0
Invisioncommunity Invision Power Board 3.3.1
Invisioncommunity Invision Power Board 3.3.2
Invisionpower Ip.nexus 1.5.9
Invisionpower Ip.nexus 1.5.2
Invisionpower Ip.nexus 1.5.1
Invisioncommunity Invision Power Board 3.4.5
Invisioncommunity Invision Power Board 3.4.6
10
CVSSv2
CVE-2012-5692
Unspecified vulnerability in admin/sources/base/core.php in Invision Power Board (aka IPB or IP.Board) 3.1.x up to and including 3.3.x has unknown impact and remote attack vectors.
Invisionpower Invision Power Board 3.1.4
Invisionpower Invision Power Board 3.2.0
Invisionpower Invision Power Board 3.2.1
Invisionpower Invision Power Board 3.2.2
Invisioncommunity Invision Power Board 3.3.0
Invisioncommunity Invision Power Board 3.1.2
Invisionpower Invision Power Board 3.1.1
Invisionpower Invision Power Board 3.1.0
Invisionpower Invision Power Board 3.1.3
3 EDB exploits
4.3
CVSSv2
CVE-2010-3424
Cross-site scripting (XSS) vulnerability in admin/sources/classes/bbcode/custom/defaults.php in Invision Power Board (IP.Board) 3.1.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Invisioncommunity Invision Power Board 3.1.2
7.5
CVSSv2
CVE-2009-3974
Multiple SQL injection vulnerabilities in Invision Power Board (IPB or IP.Board) 3.0.0, 3.0.1, and 3.0.2 allow remote malicious users to execute arbitrary SQL commands via the (1) search_term parameter to admin/applications/core/modules_public/search/search.php and (2) aid parame...
Invisioncommunity Invision Power Board 3.0.2
Invisioncommunity Invision Power Board 3.0.0
Invisioncommunity Invision Power Board 3.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2