2.1
CVSSv2

CVE-2006-5204

Published: 10/10/2006 Updated: 17/10/2018
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
VMScore: 187
Vector: AV:N/AC:H/Au:S/C:N/I:P/A:N

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in action_admin/member.php in Invision Power Board (IPB) 2.1.7 and previous versions allows remote authenticated users to inject arbitrary web script or HTML via a reference to a script in the avatar setting, which can be leveraged for a cross-site request forgery (CSRF) attack involving forced SQL execution by an admin.

Vulnerable Product Search on Vulmon Subscribe to Product

invision power services invision power board 2.0 pf1

invision power services invision power board 2.1 beta2

invision power services invision power board 1.0

invision power services invision power board 1.1.2

invision power services invision power board 2.0.4

invision power services invision power board 2.1 rc1

invision power services invision power board 2.1.1

invision power services invision power board

invision power services invision power board 2.1.6

invision power services invision power board 2.1 alpha2

invision power services invision power board 2.0 alpha3

invision power services invision power board 1.1.1

invision power services invision power board 2.1.5 2006-03-08

invision power services invision power board 2.1.2

invision power services invision power board 2.1.3

invision power services invision power board 1.0.3

invision power services invision power board 2.0 pdr3

invision power services invision power board 2.0

invision power services invision power board 2.1 beta5

invision power services invision power board 1.3 final

invision power services invision power board 2.1.0

invision power services invision power board 1.2

invision power services invision power board 2.1.5

invision power services invision power board 2.0.0

invision power services invision power board 1.0.1

invision power services invision power board 2.0.3

invision power services invision power board 2.1 beta4

invision power services invision power board 2.1

invision power services invision power board 2.1 beta3

invision power services invision power board 2.1.4

invision power services invision power board 1.3.1 final

invision power services invision power board 2.0 pf2

invision power services invision power board 2.0.2

invision power services invision power board 2.0.1

invision power services invision power board 1.3

invision power services invision power board 2.0.x