Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invision power board vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2012-2226
Invision Power Board prior to 3.3.1 fails to sanitize user-supplied input which could allow remote malicious users to obtain sensitive information or execute arbitrary code by uploading a malicious file.
Invisioncommunity Invision Power Board
1 EDB exploit
NA
CVE-2007-5688
Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpBB and Invision Power Board (IPB or IP.Board), allow remote malicious users to execute arbitrary SQL commands via the (1) go and (2) cat parameters.
Sebflipper Multi-forums Module 1.3.3
Invision Power Services Invision Power Board
Phpbb Phpbb
1 EDB exploit
NA
CVE-2010-3424
Cross-site scripting (XSS) vulnerability in admin/sources/classes/bbcode/custom/defaults.php in Invision Power Board (IP.Board) 3.1.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Invisioncommunity Invision Power Board 3.1.2
NA
CVE-2006-0633
The make_password function in ipsclass.php in Invision Power Board (IPB) 2.1.4 uses random data generated from partially predictable seeds to create the authentication code that is sent by e-mail to a user with a lost password, which might make it easier for remote malicious user...
Invisionpower Invision Power Board 2.1.4
6.1
CVSSv3
CVE-2009-5159
Invision Power Board (aka IPB or IP.Board) 2.x up to and including 3.0.4, when Internet Explorer 5 is used, allows XSS via a .txt attachment.
Invisioncommunity Invision Power Board
Microsoft Internet Explorer 5
8.1
CVSSv3
CVE-2016-6174
applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) prior to 4.1.13, when used with PHP prior to 5.4.24 or 5.5.x prior to 5.5.8, allows remote malicious users to execute arbitrary code v...
Invisioncommunity Invision Power Board
Php Php 5.5.2
Php Php 5.5.1
Php Php 5.5.0
Php Php 5.5.7
Php Php 5.5.6
Php Php 5.5.5
Php Php 5.5.4
Php Php 5.5.3
Php Php
1 EDB exploit
NA
CVE-2004-2413
SQL injection vulnerability in VP-ASP Shopping Cart 4.0 up to and including 5.0 allows remote malicious users to execute arbitrary SQL commands via the (1) Processed0 and (2) Processed1 parameters in a POST request to shopproductselect.asp.
Virtual Programming Vp-asp 4.0
Virtual Programming Vp-asp 4.50
Virtual Programming Vp-asp 5.0
1 EDB exploit
NA
CVE-2006-0750
SQL injection vulnerability in army.php in supersmashbrothers (SSB) Army System 2.1.0 for Invision Power Board (IPB) allows remote malicious users to execute arbitrary SQL commands via the userstat parameter in an army action to index.php.
Supersmashbrothers Army System 2.1.0 For Ipb
1 EDB exploit
NA
CVE-2006-0520
SQL injection vulnerability index.php in Dragoran Portal module 1.3 for Invision Power Board (IPB) allows remote malicious users to execute arbitrary SQL commands via the site parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from thi...
Dragoran Portal Module 1.3
1 EDB exploit
NA
CVE-2003-1454
Invision Power Services Invision Board 1.0 up to and including 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote malicious users to gain access.
Invision Power Services Invision Board 1.1.1
Invision Power Services Invision Board 1.0
Invision Power Services Invision Board 1.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »