Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invision power services invision power board vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-2059
action_public/search.php in Invision Power Board (IPB) 2.1.x and 2.0.x prior to 20060425 allows remote malicious users to execute arbitrary PHP code via a search with a crafted value of the lastdate parameter, which alters the behavior of a regular expression to add a "#e&qu...
Invision Power Services Invision Power Board 2.1.5 2006-03-08
1 EDB exploit
6.4
CVSSv2
CVE-2006-2060
Directory traversal vulnerability in action_admin/paysubscriptions.php in Invision Power Board (IPB) 2.1.x and 2.0.x prior to 20060425 allows remote authenticated administrators to include and execute arbitrary local PHP files via a .. (dot dot) in the name parameter, preceded by...
Invision Power Services Invision Power Board 2.0.x
Invision Power Services Invision Power Board 2.1.x
5
CVSSv2
CVE-2006-2061
SQL injection vulnerability in lib/func_taskmanager.php in Invision Power Board (IPB) 2.1.x and 2.0.x prior to 20060425 allows remote malicious users to execute arbitrary SQL commands via the ck parameter, which can inject at most 32 characters.
Invision Power Services Invision Board 2.1
Invision Power Services Invision Board 2.0 Pdr3
Invision Power Services Invision Board 2.0.3
Invision Power Services Invision Power Board 2.1.5 2006-03-08
Invision Power Services Invision Board 2.0.1
Invision Power Services Invision Board 2.0 Pf2
Invision Power Services Invision Board 2.0.2
Invision Power Services Invision Board 2.1 Alpha2
Invision Power Services Invision Board 2.0 Alpha 3
Invision Power Services Invision Board 2.1.5
Invision Power Services Invision Board 2.0
Invision Power Services Invision Board 2.0.4
Invision Power Services Invision Board 2.0 Pf1
1 EDB exploit
6.8
CVSSv2
CVE-2006-1369
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.1.5 and previous versions prior to 20060308 allows remote malicious users to inject arbitrary web script or HTML via a Private Message (PM) in certain circumstances.
Invision Power Services Invision Power Board 2.1 Alpha2
Invision Power Services Invision Power Board 2.1.5
Invision Power Services Invision Power Board 2.1
4.3
CVSSv2
CVE-2006-1326
Multiple cross-site scripting (XSS) vulnerabilities in Invision Power Board 2.0.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) result_type, (2) search_in, (3) nav, (4) forums, and (5) s parameters in the Search action to index.php; (6) st parame...
Invision Power Services Invision Power Board 2.0.4
7 EDB exploits
5.8
CVSSv2
CVE-2006-1287
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.0.4 and 2.1.4 prior to 20060130 allows remote malicious users to steal cookies and probably conduct other activities when the victim is using Internet Explorer.
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1.4
7.5
CVSSv2
CVE-2006-1288
Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 2.0.4 and 2.1.4 prior to 20060105 allow remote malicious users to execute arbitrary SQL commands via cookies, related to (1) arrays of id/stamp pairs and (2) the keys in arrays of key/value pairs in ipsclass.php...
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1.4
5.1
CVSSv2
CVE-2006-1267
Invision Power Board 2.1.4 allows remote malicious users to hijack sessions and possibly gain administrative privileges by obtaining the session ID from the s parameter, then replaying it in another request.
Invision Power Services Invision Power Board 2.1.4
7.5
CVSSv2
CVE-2006-1076
SQL injection vulnerability in index.php, possibly during a showtopic operation, in Invision Power Board (IPB) 2.1.5 allows remote malicious users to execute arbitrary SQL commands via the st parameter.
Invision Power Services Invision Power Board 2.1.5
1 EDB exploit
5
CVSSv2
CVE-2006-0909
Invision Power Board (IPB) 2.1.4 and previous versions allows remote malicious users to view sensitive information via a direct request to multiple PHP scripts that include the full path in error messages, including (1) PEAR/Text/Diff/Renderer/inline.php, (2) PEAR/Text/Diff/Rende...
Invision Power Services Invision Power Board 2.1 Beta2
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1 Rc1
Invision Power Services Invision Power Board 2.1.1
Invision Power Services Invision Power Board 2.1.2
Invision Power Services Invision Power Board 2.1.3
Invision Power Services Invision Power Board 2.1 Beta5
Invision Power Services Invision Power Board 2.1.0
Invision Power Services Invision Power Board 2.0.0
Invision Power Services Invision Power Board 2.0.3
Invision Power Services Invision Power Board 2.1 Beta4
Invision Power Services Invision Power Board 2.1 Beta3
Invision Power Services Invision Power Board 2.1.4
Invision Power Services Invision Power Board 2.0.2
Invision Power Services Invision Power Board 2.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »