Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invision power services vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2004-2279
Cross-site scripting (XSS) vulnerability in Invision Power Board 1.3 Final allows remote malicious users to execute arbitrary script as other users via the pop parameter in a chat action to index.php.
Invision Power Services Invision Power Board 1.3 Final
4.3
CVSSv2
CVE-2006-1326
Multiple cross-site scripting (XSS) vulnerabilities in Invision Power Board 2.0.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) result_type, (2) search_in, (3) nav, (4) forums, and (5) s parameters in the Search action to index.php; (6) st parame...
Invision Power Services Invision Power Board 2.0.4
7 EDB exploits
5.1
CVSSv2
CVE-2006-1267
Invision Power Board 2.1.4 allows remote malicious users to hijack sessions and possibly gain administrative privileges by obtaining the session ID from the s parameter, then replaying it in another request.
Invision Power Services Invision Power Board 2.1.4
2.6
CVSSv2
CVE-2006-0888
index.php in Invision Power Board (IPB) 2.0.1, with Code Confirmation disabled, allows remote malicious users to cause an unspecified denial of service by registering a large number of users.
Invision Power Services Invision Power Board 2.0.1
2 EDB exploits
7.5
CVSSv2
CVE-2006-1076
SQL injection vulnerability in index.php, possibly during a showtopic operation, in Invision Power Board (IPB) 2.1.5 allows remote malicious users to execute arbitrary SQL commands via the st parameter.
Invision Power Services Invision Power Board 2.1.5
1 EDB exploit
4.3
CVSSv2
CVE-2008-0913
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 allows remote malicious users to inject arbitrary web script or HTML via crafted BBCodes in an unspecified context.
Invision Power Services Invision Power Board 2.3.4
5
CVSSv2
CVE-2006-2059
action_public/search.php in Invision Power Board (IPB) 2.1.x and 2.0.x prior to 20060425 allows remote malicious users to execute arbitrary PHP code via a search with a crafted value of the lastdate parameter, which alters the behavior of a regular expression to add a "#e&qu...
Invision Power Services Invision Power Board 2.1.5 2006-03-08
1 EDB exploit
7.5
CVSSv2
CVE-2008-0421
SQL injection vulnerability in Invision Gallery 2.0.7 and previous versions allows remote malicious users to execute arbitrary SQL commands via the album parameter in a rate command.
Invision Power Services Invision Gallery
1 EDB exploit
4.3
CVSSv2
CVE-2005-3477
Multiple interpretation error in the image upload handling code in Invision Gallery 2.0.3 allows remote malicious users to conduct cross-site scripting (XSS) attacks via HTML or script in an image whose type does not match its extension, which is rendered by Internet Explorer due...
Invision Power Services Invision Gallery 2.0.3
7.5
CVSSv2
CVE-2005-3395
SQL injection vulnerability in Invision Gallery 2.0.3 allows remote malicious users to execute arbitrary SQL commands via the st parameter.
Invision Power Services Invision Gallery 2.0.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »