Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invision power board vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2006-2060
Directory traversal vulnerability in action_admin/paysubscriptions.php in Invision Power Board (IPB) 2.1.x and 2.0.x prior to 20060425 allows remote authenticated administrators to include and execute arbitrary local PHP files via a .. (dot dot) in the name parameter, preceded by...
Invision Power Services Invision Power Board 2.0.x
Invision Power Services Invision Power Board 2.1.x
445
VMScore
CVE-2002-1149
The installation procedure for Invision Board suggests that users install the phpinfo.php program under the web root, which leaks sensitive information such as absolute pathnames, OS information, and PHP settings.
Invision Power Services Invision Board 1.0.1
Invision Power Services Invision Board 1.0
668
VMScore
CVE-2006-3544
Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 1.3 Final allow remote malicious users to execute arbitrary SQL commands via the CODE parameter in a (1) Stats, (2) Mail, and (3) Reg action in index.php. NOTE: the developer has disputed this issue, stating tha...
Invision Power Services Invision Board 1.3.1 Final
Invision Power Services Invision Board 1.3 Final
605
VMScore
CVE-2004-0359
Cross-site scripting (XSS) vulnerability in index.php for Invision Power Board 1.3 final allows remote malicious users to execute arbitrary script as other users via the (1) c, (2) f, (3) showtopic, (4) showuser, or (5) username parameters.
Invision Power Services Invision Board 1.3.1 Final
Invision Power Services Invision Board 1.3 Final
383
VMScore
CVE-2008-1359
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 prior to 2008-03-13 allows remote malicious users to inject arbitrary web script or HTML via nested BBCodes, a different vector than CVE-2008-0913.
Invision Power Services Invision Power Board
668
VMScore
CVE-2006-4155
Unspecified vulnerability in func_topic_threaded.php (aka threaded view mode) in Invision Power Board (IPB) prior to 2.1.7 21013.60810.s allows remote malicious users to "access posts outside the topic."
Invision Power Services Invision Power Board
383
VMScore
CVE-2007-2963
Multiple cross-site scripting (XSS) vulnerabilities in Invision Power Board (IPB or IP.Board) 2.2.2, and possibly earlier, allows remote malicious users to inject arbitrary web script or HTML via (1) module_bbcodeloader.php, (2) module_div.php, (3) module_email.php, (4) module_im...
Invision Power Services Invision Power Board
454
VMScore
CVE-2006-1267
Invision Power Board 2.1.4 allows remote malicious users to hijack sessions and possibly gain administrative privileges by obtaining the session ID from the s parameter, then replaying it in another request.
Invision Power Services Invision Power Board 2.1.4
465
VMScore
CVE-2006-1326
Multiple cross-site scripting (XSS) vulnerabilities in Invision Power Board 2.0.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) result_type, (2) search_in, (3) nav, (4) forums, and (5) s parameters in the Search action to index.php; (6) st parame...
Invision Power Services Invision Power Board 2.0.4
7 EDB exploits
383
VMScore
CVE-2008-0913
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 allows remote malicious users to inject arbitrary web script or HTML via crafted BBCodes in an unspecified context.
Invision Power Services Invision Power Board 2.3.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »