CVE-2015-6810
- EPSS 0.34%
- Published 04.09.2015 15:59:08
- Last modified 12.04.2025 10:46:40
Cross-site scripting (XSS) vulnerability in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) 4.x before 4.0.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the event_locatio...
CVE-2014-9239
- EPSS 0.36%
- Published 03.12.2014 21:59:08
- Last modified 12.04.2025 10:46:40
SQL injection vulnerability in the IPS Connect service (interface/ipsconnect/ipsconnect.php) in Invision Power Board (aka IPB or IP.Board) 3.3.x and 3.4.x through 3.4.7 before 20141114 allows remote attackers to execute arbitrary SQL commands via the...
- EPSS 82.86%
- Published 31.10.2012 10:50:32
- Last modified 11.04.2025 00:51:21
Unspecified vulnerability in admin/sources/base/core.php in Invision Power Board (aka IPB or IP.Board) 3.1.x through 3.3.x has unknown impact and remote attack vectors.
CVE-2006-0633
- EPSS 0.5%
- Published 10.02.2006 11:02:00
- Last modified 03.04.2025 01:03:51
The make_password function in ipsclass.php in Invision Power Board (IPB) 2.1.4 uses random data generated from partially predictable seeds to create the authentication code that is sent by e-mail to a user with a lost password, which might make it ea...