Invision Power Services

Invision Power Board

40 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.65%
  • Veröffentlicht 30.04.2007 22:19:00
  • Zuletzt bearbeitet 16.06.2026 22:39:24

Cross-site scripting (XSS) vulnerability in Invision Power Board (IP.Board) 2.1.x and 2.2.x allows remote attackers to inject arbitrary web script or HTML by uploading crafted images or PDF files.

Exploit
  • EPSS 1.3%
  • Veröffentlicht 02.03.2007 21:18:00
  • Zuletzt bearbeitet 16.06.2026 22:34:19

SQL injection vulnerability in classes/class_session.php in Invision Power Board (IPB) 2.1 up to 2.1.6 allows remote attackers to execute arbitrary SQL commands via the CLIENT_IP parameter.

  • EPSS 1.82%
  • Veröffentlicht 24.02.2007 01:28:00
  • Zuletzt bearbeitet 16.06.2026 22:34:18

Cross-site scripting (XSS) vulnerability in forum/admin.php for Invision Power Board (IPB) 2.1.6 and earlier allows remote attackers to inject arbitrary web script or HTML as the administrator via the phpinfo parameter.

  • EPSS 1.38%
  • Veröffentlicht 10.10.2006 04:06:00
  • Zuletzt bearbeitet 16.06.2026 22:30:44

Cross-site scripting (XSS) vulnerability in action_admin/member.php in Invision Power Board (IPB) 2.1.7 and earlier allows remote authenticated users to inject arbitrary web script or HTML via a reference to a script in the avatar setting, which can ...

  • EPSS 0.87%
  • Veröffentlicht 10.10.2006 04:06:00
  • Zuletzt bearbeitet 16.06.2026 22:30:44

Invision Power Board (IPB) 2.1.7 and earlier allows remote restricted administrators to inject arbitrary web script or HTML, or execute arbitrary SQL commands, via a forum description that contains a crafted image with PHP code, which is executed whe...

  • EPSS 1.41%
  • Veröffentlicht 16.08.2006 22:04:00
  • Zuletzt bearbeitet 16.06.2026 22:28:31

Unspecified vulnerability in func_topic_threaded.php (aka threaded view mode) in Invision Power Board (IPB) before 2.1.7 21013.60810.s allows remote attackers to "access posts outside the topic."

Exploit
  • EPSS 1.07%
  • Veröffentlicht 13.07.2006 00:05:00
  • Zuletzt bearbeitet 16.06.2026 22:27:16

Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 1.x and 2.x allow remote attackers to execute arbitrary SQL commands via the (1) idcat and (2) code parameters in a ketqua action in index.php; the id parameter in a (3) Attach and ...

  • EPSS 1.26%
  • Veröffentlicht 23.06.2006 00:02:00
  • Zuletzt bearbeitet 16.06.2026 22:26:35

Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.1.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a POST that contains hexadecimal-encoded HTML.

  • EPSS 1.85%
  • Veröffentlicht 20.05.2006 03:02:00
  • Zuletzt bearbeitet 16.06.2026 22:25:10

Invision Power Board (IPB) before 2.1.6 allows remote attackers to execute arbitrary PHP script via attack vectors involving (1) the post_icon variable in classes/post/class_post.php and (2) the df value in action_public/moderate.php.

  • EPSS 0.98%
  • Veröffentlicht 05.05.2006 12:46:00
  • Zuletzt bearbeitet 16.06.2026 22:24:34

SQL injection vulnerability in index.php in Invision Power Board allows remote attackers to execute arbitrary SQL commands via the pid parameter in a reputation action. NOTE: the provenance of this information is unknown; the details are obtained so...