SQL injection vulnerability in lib/func_taskmanager.php in Invision Power Board (IPB) 2.1.x and 2.0.x prior to 20060425 allows remote malicious users to execute arbitrary SQL commands via the ck parameter, which can inject at most 32 characters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
invision power services invision board 2.0_alpha_3 |
||
invision power services invision board 2.0_pdr3 |
||
invision power services invision board 2.0 |
||
invision power services invision board 2.0_pf1 |
||
invision power services invision board 2.0_pf2 |
||
invision power services invision board 2.0.1 |
||
invision power services invision board 2.0.2 |
||
invision power services invision board 2.1 |
||
invision power services invision board 2.1.5 |
||
invision power services invision board 2.0.3 |
||
invision power services invision board 2.0.4 |
||
invision power services invision board 2.1_alpha2 |
||
invision power services invision power board 2.1.5_2006-03-08 |