CVE-2015-6810
- EPSS 0.85%
- Veröffentlicht 04.09.2015 15:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
Cross-site scripting (XSS) vulnerability in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) 4.x before 4.0.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the event_locatio...
CVE-2014-9239
- EPSS 0.36%
- Veröffentlicht 03.12.2014 21:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
SQL injection vulnerability in the IPS Connect service (interface/ipsconnect/ipsconnect.php) in Invision Power Board (aka IPB or IP.Board) 3.3.x and 3.4.x through 3.4.7 before 20141114 allows remote attackers to execute arbitrary SQL commands via the...
- EPSS 83.03%
- Veröffentlicht 31.10.2012 10:50:32
- Zuletzt bearbeitet 29.04.2026 01:13:23
Unspecified vulnerability in admin/sources/base/core.php in Invision Power Board (aka IPB or IP.Board) 3.1.x through 3.3.x has unknown impact and remote attack vectors.
CVE-2006-0633
- EPSS 0.5%
- Veröffentlicht 10.02.2006 11:02:00
- Zuletzt bearbeitet 16.04.2026 00:27:16
The make_password function in ipsclass.php in Invision Power Board (IPB) 2.1.4 uses random data generated from partially predictable seeds to create the authentication code that is sent by e-mail to a user with a lost password, which might make it ea...