Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invision power board vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1287
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.0.4 and 2.1.4 prior to 20060130 allows remote malicious users to steal cookies and probably conduct other activities when the victim is using Internet Explorer.
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1.4
NA
CVE-2006-1288
Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 2.0.4 and 2.1.4 prior to 20060105 allow remote malicious users to execute arbitrary SQL commands via cookies, related to (1) arrays of id/stamp pairs and (2) the keys in arrays of key/value pairs in ipsclass.php...
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1.4
NA
CVE-2006-1267
Invision Power Board 2.1.4 allows remote malicious users to hijack sessions and possibly gain administrative privileges by obtaining the session ID from the s parameter, then replaying it in another request.
Invision Power Services Invision Power Board 2.1.4
NA
CVE-2006-1153
SQL injection vulnerability in D2-Shoutbox 4.2 allows remote malicious users to execute arbitrary SQL commands via the load parameter, when performing a Shoutbox action through Invision Power Board (IPB).
D2-shoutbox D2-shoutbox 4.2
1 EDB exploit
NA
CVE-2006-1076
SQL injection vulnerability in index.php, possibly during a showtopic operation, in Invision Power Board (IPB) 2.1.5 allows remote malicious users to execute arbitrary SQL commands via the st parameter.
Invision Power Services Invision Power Board 2.1.5
1 EDB exploit
NA
CVE-2006-0909
Invision Power Board (IPB) 2.1.4 and previous versions allows remote malicious users to view sensitive information via a direct request to multiple PHP scripts that include the full path in error messages, including (1) PEAR/Text/Diff/Renderer/inline.php, (2) PEAR/Text/Diff/Rende...
Invision Power Services Invision Power Board 2.0.0
Invision Power Services Invision Power Board 2.0.1
Invision Power Services Invision Power Board 2.1.3
Invision Power Services Invision Power Board 2.1.4
Invision Power Services Invision Power Board 2.1.1
Invision Power Services Invision Power Board 2.1.2
Invision Power Services Invision Power Board 2.1 Rc1
Invision Power Services Invision Power Board 2.0.2
Invision Power Services Invision Power Board 2.0.3
Invision Power Services Invision Power Board 2.1 Beta2
Invision Power Services Invision Power Board 2.1 Beta3
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1.0
Invision Power Services Invision Power Board 2.1 Beta4
Invision Power Services Invision Power Board 2.1 Beta5
NA
CVE-2006-0910
Invision Power Board (IPB) 2.1.4 and previous versions allows remote malicious users to list directory contents via a direct request to multiple directories, including (1) sources/loginauth/convert/, (2) sources/portal_plugins/, (3) cache/skin_cache/cacheid_2/, (4) ips_kernel/PEA...
Invision Power Services Invision Power Board 2.0.0
Invision Power Services Invision Power Board 2.0.1
Invision Power Services Invision Power Board 2.1.4
Invision Power Services Invision Power Board 2.1 Beta2
Invision Power Services Invision Power Board 2.1.2
Invision Power Services Invision Power Board 2.1.3
Invision Power Services Invision Power Board 2.0.2
Invision Power Services Invision Power Board 2.0.3
Invision Power Services Invision Power Board 2.1 Beta3
Invision Power Services Invision Power Board 2.1 Beta4
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1.0
Invision Power Services Invision Power Board 2.1.1
Invision Power Services Invision Power Board 2.1 Beta5
Invision Power Services Invision Power Board 2.1 Rc1
NA
CVE-2006-0888
index.php in Invision Power Board (IPB) 2.0.1, with Code Confirmation disabled, allows remote malicious users to cause an unspecified denial of service by registering a large number of users.
Invision Power Services Invision Power Board 2.0.1
2 EDB exploits
NA
CVE-2006-0750
SQL injection vulnerability in army.php in supersmashbrothers (SSB) Army System 2.1.0 for Invision Power Board (IPB) allows remote malicious users to execute arbitrary SQL commands via the userstat parameter in an army action to index.php.
Supersmashbrothers Army System 2.1.0 For Ipb
1 EDB exploit
NA
CVE-2006-0633
The make_password function in ipsclass.php in Invision Power Board (IPB) 2.1.4 uses random data generated from partially predictable seeds to create the authentication code that is sent by e-mail to a user with a lost password, which might make it easier for remote malicious user...
Invisionpower Invision Power Board 2.1.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »