Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invision power services invision power board vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2007-2963
Multiple cross-site scripting (XSS) vulnerabilities in Invision Power Board (IPB or IP.Board) 2.2.2, and possibly earlier, allows remote malicious users to inject arbitrary web script or HTML via (1) module_bbcodeloader.php, (2) module_div.php, (3) module_email.php, (4) module_im...
Invision Power Services Invision Power Board
7.5
CVSSv2
CVE-2006-4155
Unspecified vulnerability in func_topic_threaded.php (aka threaded view mode) in Invision Power Board (IPB) prior to 2.1.7 21013.60810.s allows remote malicious users to "access posts outside the topic."
Invision Power Services Invision Power Board
4.3
CVSSv2
CVE-2008-1359
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 prior to 2008-03-13 allows remote malicious users to inject arbitrary web script or HTML via nested BBCodes, a different vector than CVE-2008-0913.
Invision Power Services Invision Power Board
4.3
CVSSv2
CVE-2008-0913
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 allows remote malicious users to inject arbitrary web script or HTML via crafted BBCodes in an unspecified context.
Invision Power Services Invision Power Board 2.3.4
2.6
CVSSv2
CVE-2006-0888
index.php in Invision Power Board (IPB) 2.0.1, with Code Confirmation disabled, allows remote malicious users to cause an unspecified denial of service by registering a large number of users.
Invision Power Services Invision Power Board 2.0.1
2 EDB exploits
4.3
CVSSv2
CVE-2004-1578
Cross-site scripting (XSS) vulnerability in index.php in Invision Power Board 2.0.0 allows remote malicious users to execute arbitrary web script or HTML via the Referer field in the HTTP header.
Invision Power Services Invision Power Board 2.0.0
5.1
CVSSv2
CVE-2006-1267
Invision Power Board 2.1.4 allows remote malicious users to hijack sessions and possibly gain administrative privileges by obtaining the session ID from the s parameter, then replaying it in another request.
Invision Power Services Invision Power Board 2.1.4
4.3
CVSSv2
CVE-2006-1326
Multiple cross-site scripting (XSS) vulnerabilities in Invision Power Board 2.0.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) result_type, (2) search_in, (3) nav, (4) forums, and (5) s parameters in the Search action to index.php; (6) st parame...
Invision Power Services Invision Power Board 2.0.4
7 EDB exploits
7.5
CVSSv2
CVE-2006-1076
SQL injection vulnerability in index.php, possibly during a showtopic operation, in Invision Power Board (IPB) 2.1.5 allows remote malicious users to execute arbitrary SQL commands via the st parameter.
Invision Power Services Invision Power Board 2.1.5
1 EDB exploit
6.8
CVSSv2
CVE-2003-1385
ipchat.php in Invision Power Board 1.1.1 allows remote malicious users to execute arbitrary PHP code, if register_globals is enabled, by modifying the root_path parameter to reference a URL on a remote web server that contains the code.
Invision Power Services Invision Power Board 1.1.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5841
file upload
man-in-the-middle
arbitrary
CVE-2024-27801
CVE-2024-28020
CVE-2024-30080
CVE-2024-30069
CVE-2024-5843
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »