Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invisioncommunity invision power board vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2014-4928
SQL injection vulnerability in Invision Power Board (aka IPB or IP.Board) prior to 3.4.6 allows remote malicious users to execute arbitrary SQL commands via the cId parameter.
Invisioncommunity Invision Power Board
7.8
CVSSv2
CVE-2015-6812
Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) prior to 4.0.12.1 allows remote malicious users to cause a denial of service (loop and memory consumption) via a crafted URL.
Invisioncommunity Invision Power Board
3.5
CVSSv2
CVE-2021-39250
Invision Community (aka IPS Community Suite or IP-Board) prior to 4.6.5.1 allows stored XSS, with resultant code execution, because an uploaded file can be placed in an IFRAME element within user-generated content. For code execution, the attacker can rely on the ability of an ad...
Invisioncommunity Invision Power Board
4.3
CVSSv2
CVE-2019-8278
Stored XSS in Invision Power Board versions 3.3.1 - 3.4.8 leads to Remote Code Execution.
Invisioncommunity Invision Power Board
4.3
CVSSv2
CVE-2016-2564
Invision Power Services (IPS) Community Suite prior to 4.1.9 makes session hijack easier by relying on the PHP uniqid function without the more_entropy flag. Attackers can guess an Invision Power Board session cookie if they can predict the exact time of cookie generation.
Invisioncommunity Invision Power Board
7.5
CVSSv2
CVE-2012-2226
Invision Power Board prior to 3.3.1 fails to sanitize user-supplied input which could allow remote malicious users to obtain sensitive information or execute arbitrary code by uploading a malicious file.
Invisioncommunity Invision Power Board
1 EDB exploit
4.3
CVSSv2
CVE-2010-3424
Cross-site scripting (XSS) vulnerability in admin/sources/classes/bbcode/custom/defaults.php in Invision Power Board (IP.Board) 3.1.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Invisioncommunity Invision Power Board 3.1.2
4.3
CVSSv2
CVE-2009-5159
Invision Power Board (aka IPB or IP.Board) 2.x up to and including 3.0.4, when Internet Explorer 5 is used, allows XSS via a .txt attachment.
Invisioncommunity Invision Power Board
Microsoft Internet Explorer 5
6.8
CVSSv2
CVE-2016-6174
applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) prior to 4.1.13, when used with PHP prior to 5.4.24 or 5.5.x prior to 5.5.8, allows remote malicious users to execute arbitrary code v...
Invisioncommunity Invision Power Board
Php Php 5.5.2
Php Php 5.5.1
Php Php 5.5.0
Php Php 5.5.7
Php Php 5.5.6
Php Php 5.5.5
Php Php 5.5.4
Php Php 5.5.3
Php Php
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2