Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invision power services vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1369
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.1.5 and previous versions prior to 20060308 allows remote malicious users to inject arbitrary web script or HTML via a Private Message (PM) in certain circumstances.
Invision Power Services Invision Power Board 2.1 Alpha2
Invision Power Services Invision Power Board 2.1
Invision Power Services Invision Power Board 2.1.5
NA
CVE-2004-1531
SQL injection vulnerability in post.php in Invision Power Board (IPB) 2.0.0 up to and including 2.0.2 allows remote malicious users to execute arbitrary SQL commands via the qpid parameter.
Invision Power Services Invision Board 2.0.1
Invision Power Services Invision Board 2.0.2
Invision Power Services Invision Board 2.0
1 EDB exploit
NA
CVE-2007-2349
Cross-site scripting (XSS) vulnerability in Invision Power Board (IP.Board) 2.1.x and 2.2.x allows remote malicious users to inject arbitrary web script or HTML by uploading crafted images or PDF files.
Invision Power Services Invision Power Board 2.1
Invision Power Services Invision Power Board 2.2
NA
CVE-2006-1287
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.0.4 and 2.1.4 prior to 20060130 allows remote malicious users to steal cookies and probably conduct other activities when the victim is using Internet Explorer.
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1.4
NA
CVE-2008-4171
SQL injection vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x allows remote malicious users to execute arbitrary SQL commands via the name parameter.
Invision Power Services Invision Power Board 2.2
Invision Power Services Invision Power Board 2.3
NA
CVE-2006-1288
Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 2.0.4 and 2.1.4 prior to 20060105 allow remote malicious users to execute arbitrary SQL commands via cookies, related to (1) arrays of id/stamp pairs and (2) the keys in arrays of key/value pairs in ipsclass.php...
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1.4
NA
CVE-2006-2251
SQL injection vulnerability in the do_mmod function in mod.php in Invision Community Blog (ICB) 1.1.2 final up to and including 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL commands via the selectedbids parameter.
Invision Power Services Invision Community Blog 1.0
Invision Power Services Invision Community Blog 1.1
Invision Power Services Invision Community Blog 1.1.2 Final
Invision Power Services Invision Community Blog 1.2
NA
CVE-2004-1836
SQL injection vulnerability in index.php in Invision Power Top Site List 1.1 RC 2 and previous versions allows remote malicious users to execute arbitrary SQL via the id parameter of the comments action.
Invision Power Services Invision Power Top Site List 1.1 Rc2
Invision Power Services Invision Power Top Site List 1.0
Invision Power Services Invision Power Top Site List 1.1
1 EDB exploit
NA
CVE-2006-2060
Directory traversal vulnerability in action_admin/paysubscriptions.php in Invision Power Board (IPB) 2.1.x and 2.0.x prior to 20060425 allows remote authenticated administrators to include and execute arbitrary local PHP files via a .. (dot dot) in the name parameter, preceded by...
Invision Power Services Invision Power Board 2.0.x
Invision Power Services Invision Power Board 2.1.x
NA
CVE-2004-0359
Cross-site scripting (XSS) vulnerability in index.php for Invision Power Board 1.3 final allows remote malicious users to execute arbitrary script as other users via the (1) c, (2) f, (3) showtopic, (4) showuser, or (5) username parameters.
Invision Power Services Invision Board 1.3.1 Final
Invision Power Services Invision Board 1.3 Final
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »