Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invision power board vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2006-2060
Directory traversal vulnerability in action_admin/paysubscriptions.php in Invision Power Board (IPB) 2.1.x and 2.0.x prior to 20060425 allows remote authenticated administrators to include and execute arbitrary local PHP files via a .. (dot dot) in the name parameter, preceded by...
Invision Power Services Invision Power Board 2.0.x
Invision Power Services Invision Power Board 2.1.x
6.8
CVSSv2
CVE-2004-0359
Cross-site scripting (XSS) vulnerability in index.php for Invision Power Board 1.3 final allows remote malicious users to execute arbitrary script as other users via the (1) c, (2) f, (3) showtopic, (4) showuser, or (5) username parameters.
Invision Power Services Invision Board 1.3.1 Final
Invision Power Services Invision Board 1.3 Final
7.5
CVSSv2
CVE-2006-3544
Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 1.3 Final allow remote malicious users to execute arbitrary SQL commands via the CODE parameter in a (1) Stats, (2) Mail, and (3) Reg action in index.php. NOTE: the developer has disputed this issue, stating tha...
Invision Power Services Invision Board 1.3.1 Final
Invision Power Services Invision Board 1.3 Final
5
CVSSv2
CVE-2002-1149
The installation procedure for Invision Board suggests that users install the phpinfo.php program under the web root, which leaks sensitive information such as absolute pathnames, OS information, and PHP settings.
Invision Power Services Invision Board 1.0.1
Invision Power Services Invision Board 1.0
4.3
CVSSv2
CVE-2007-2963
Multiple cross-site scripting (XSS) vulnerabilities in Invision Power Board (IPB or IP.Board) 2.2.2, and possibly earlier, allows remote malicious users to inject arbitrary web script or HTML via (1) module_bbcodeloader.php, (2) module_div.php, (3) module_email.php, (4) module_im...
Invision Power Services Invision Power Board
4.3
CVSSv2
CVE-2008-1359
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 prior to 2008-03-13 allows remote malicious users to inject arbitrary web script or HTML via nested BBCodes, a different vector than CVE-2008-0913.
Invision Power Services Invision Power Board
7.5
CVSSv2
CVE-2006-4155
Unspecified vulnerability in func_topic_threaded.php (aka threaded view mode) in Invision Power Board (IPB) prior to 2.1.7 21013.60810.s allows remote malicious users to "access posts outside the topic."
Invision Power Services Invision Power Board
4.3
CVSSv2
CVE-2004-1578
Cross-site scripting (XSS) vulnerability in index.php in Invision Power Board 2.0.0 allows remote malicious users to execute arbitrary web script or HTML via the Referer field in the HTTP header.
Invision Power Services Invision Power Board 2.0.0
7.5
CVSSv2
CVE-2006-1076
SQL injection vulnerability in index.php, possibly during a showtopic operation, in Invision Power Board (IPB) 2.1.5 allows remote malicious users to execute arbitrary SQL commands via the st parameter.
Invision Power Services Invision Power Board 2.1.5
1 EDB exploit
4.3
CVSSv2
CVE-2008-0913
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 allows remote malicious users to inject arbitrary web script or HTML via crafted BBCodes in an unspecified context.
Invision Power Services Invision Power Board 2.3.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »