7.5
CVE-2004-1531
- EPSS 1.34%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:07:53
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
SQL injection vulnerability in post.php in Invision Power Board (IPB) 2.0.0 through 2.0.2 allows remote attackers to execute arbitrary SQL commands via the qpid parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Invision Power Services ≫ Invision Board Version2.0
Invision Power Services ≫ Invision Board Version2.0.1
Invision Power Services ≫ Invision Board Version2.0.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.34% | 0.676 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://forums.invisionpower.com/index.php?showtopic=154916
http://marc.info/?l=bugtraq&m=110079592702417&w=2
http://marc.info/?l=bugtraq&m=111454805209191&w=2
http://marc.info/?l=bugtraq&m=111462421824202&w=2
http://secunia.com/advisories/13245
http://www.securityfocus.com/bid/11703
https://exchange.xforce.ibmcloud.com/vulnerabilities/18164