Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invision power board vulnerabilities and exploits
(subscribe to this query)
5.1
CVSSv2
CVE-2006-1267
Invision Power Board 2.1.4 allows remote malicious users to hijack sessions and possibly gain administrative privileges by obtaining the session ID from the s parameter, then replaying it in another request.
Invision Power Services Invision Power Board 2.1.4
4.3
CVSSv2
CVE-2006-1326
Multiple cross-site scripting (XSS) vulnerabilities in Invision Power Board 2.0.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) result_type, (2) search_in, (3) nav, (4) forums, and (5) s parameters in the Search action to index.php; (6) st parame...
Invision Power Services Invision Power Board 2.0.4
7 EDB exploits
6.8
CVSSv2
CVE-2003-1385
ipchat.php in Invision Power Board 1.1.1 allows remote malicious users to execute arbitrary PHP code, if register_globals is enabled, by modifying the root_path parameter to reference a URL on a remote web server that contains the code.
Invision Power Services Invision Power Board 1.1.1
1 EDB exploit
4.3
CVSSv2
CVE-2008-0913
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 allows remote malicious users to inject arbitrary web script or HTML via crafted BBCodes in an unspecified context.
Invision Power Services Invision Power Board 2.3.4
4.3
CVSSv2
CVE-2004-1578
Cross-site scripting (XSS) vulnerability in index.php in Invision Power Board 2.0.0 allows remote malicious users to execute arbitrary web script or HTML via the Referer field in the HTTP header.
Invision Power Services Invision Power Board 2.0.0
4.3
CVSSv2
CVE-2004-2279
Cross-site scripting (XSS) vulnerability in Invision Power Board 1.3 Final allows remote malicious users to execute arbitrary script as other users via the pop parameter in a chat action to index.php.
Invision Power Services Invision Power Board 1.3 Final
5
CVSSv2
CVE-2006-2059
action_public/search.php in Invision Power Board (IPB) 2.1.x and 2.0.x prior to 20060425 allows remote malicious users to execute arbitrary PHP code via a search with a crafted value of the lastdate parameter, which alters the behavior of a regular expression to add a "#e&qu...
Invision Power Services Invision Power Board 2.1.5 2006-03-08
1 EDB exploit
5
CVSSv2
CVE-2004-0355
Invision Power Board 1.3 Final allows remote malicious users to gain sensitive information by selecting a file for "Personal Photo" that is not an image file, which displays the installation path in an error message.
Invision Power Services Invision Board 1.3
4.3
CVSSv2
CVE-2005-3547
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.1 allows remote malicious users to inject arbitrary web script or HTML via the (1) adsess, (2) name, and (3) description parameters in admin.php, and the (4) ACP Notes, (5) Member Name, (6) Password, (7) Email Add...
Invision Power Services Invision Board 2.1
1 EDB exploit
4
CVSSv2
CVE-2005-3548
Directory traversal vulnerability in Task Manager in Invision Power Board (IP.Board) 2.0.1 allows limited remote malicious users to include files via a .. (dot dot) in the "Task PHP File To Run" field.
Invision Power Services Invision Board 2.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »