Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invision power services invision power board vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2008-4171
SQL injection vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x allows remote malicious users to execute arbitrary SQL commands via the name parameter.
Invision Power Services Invision Power Board 2.2
Invision Power Services Invision Power Board 2.3
516
VMScore
CVE-2006-1287
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.0.4 and 2.1.4 prior to 20060130 allows remote malicious users to steal cookies and probably conduct other activities when the victim is using Internet Explorer.
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1.4
668
VMScore
CVE-2006-1288
Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 2.0.4 and 2.1.4 prior to 20060105 allow remote malicious users to execute arbitrary SQL commands via cookies, related to (1) arrays of id/stamp pairs and (2) the keys in arrays of key/value pairs in ipsclass.php...
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1.4
516
VMScore
CVE-2007-2349
Cross-site scripting (XSS) vulnerability in Invision Power Board (IP.Board) 2.1.x and 2.2.x allows remote malicious users to inject arbitrary web script or HTML by uploading crafted images or PDF files.
Invision Power Services Invision Power Board 2.1
Invision Power Services Invision Power Board 2.2
570
VMScore
CVE-2006-2060
Directory traversal vulnerability in action_admin/paysubscriptions.php in Invision Power Board (IPB) 2.1.x and 2.0.x prior to 20060425 allows remote authenticated administrators to include and execute arbitrary local PHP files via a .. (dot dot) in the name parameter, preceded by...
Invision Power Services Invision Power Board 2.0.x
Invision Power Services Invision Power Board 2.1.x
668
VMScore
CVE-2006-3544
Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 1.3 Final allow remote malicious users to execute arbitrary SQL commands via the CODE parameter in a (1) Stats, (2) Mail, and (3) Reg action in index.php. NOTE: the developer has disputed this issue, stating tha...
Invision Power Services Invision Board 1.3.1 Final
Invision Power Services Invision Board 1.3 Final
445
VMScore
CVE-2002-1149
The installation procedure for Invision Board suggests that users install the phpinfo.php program under the web root, which leaks sensitive information such as absolute pathnames, OS information, and PHP settings.
Invision Power Services Invision Board 1.0.1
Invision Power Services Invision Board 1.0
605
VMScore
CVE-2004-0359
Cross-site scripting (XSS) vulnerability in index.php for Invision Power Board 1.3 final allows remote malicious users to execute arbitrary script as other users via the (1) c, (2) f, (3) showtopic, (4) showuser, or (5) username parameters.
Invision Power Services Invision Board 1.3.1 Final
Invision Power Services Invision Board 1.3 Final
383
VMScore
CVE-2007-2963
Multiple cross-site scripting (XSS) vulnerabilities in Invision Power Board (IPB or IP.Board) 2.2.2, and possibly earlier, allows remote malicious users to inject arbitrary web script or HTML via (1) module_bbcodeloader.php, (2) module_div.php, (3) module_email.php, (4) module_im...
Invision Power Services Invision Power Board
668
VMScore
CVE-2006-4155
Unspecified vulnerability in func_topic_threaded.php (aka threaded view mode) in Invision Power Board (IPB) prior to 2.1.7 21013.60810.s allows remote malicious users to "access posts outside the topic."
Invision Power Services Invision Power Board
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »