CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2005-1946
https://notcve.org/view.php?id=CVE-2005-1946
Multiple SQL injection vulnerabilities in Invision Blog before 1.1.2 Final allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to an editentry, replyentry, or editcomment action, or (2) the mid parameter to an aboutme action. • http://marc.info/?l=bugtraq&m=111833601302752&w=2 http://secunia.com/advisories/15626 http://www.gulftech.org/?node=research&article_id=00078-06072005 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2005-1948 – Invision Power Services Invision Gallery 1.0.1/1.3 - SQL Injection
https://notcve.org/view.php?id=CVE-2005-1948
Multiple SQL injection vulnerabilities in Invision Gallery before 1.3.1 allow remote attackers to execute arbitrary SQL commands via (1) the comment parameter in an editcomment action or (2) the rating parameter when voting on a photo. • https://www.exploit-db.com/exploits/25806 http://marc.info/?l=bugtraq&m=111834146710329&w=2 http://www.gulftech.org/?node=research&article_id=00079-06092005 http://www.securityfocus.com/bid/13907 •
CVSS: 4.6EPSS: 0%CPEs: 17EXPL: 1CVE-2005-1816
https://notcve.org/view.php?id=CVE-2005-1816
Invision Power Board (IPB) 1.0 through 2.0.4 allows non-root admins to add themselves or other users to the root admin group via the "Move users in this group to" screen. • http://archives.neohapsis.com/archives/fulldisclosure/2005-05/0635.html http://secunia.com/advisories/15545 http://www.securityfocus.com/bid/13797 •
CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 2CVE-2005-1817 – Invision Power Board 1.x - Unauthorized Access
https://notcve.org/view.php?id=CVE-2005-1817
Invision Power Board (IPB) 1.0 through 1.3 allows remote attackers to edit arbitrary forum posts via a direct request to index.php with modified parameters. • https://www.exploit-db.com/exploits/25741 http://www.securityfocus.com/bid/13802 •
CVSS: 4.3EPSS: 1%CPEs: 9EXPL: 1CVE-2005-1597 – Invision Power Board (IP.Board) < 2.0.3 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2005-1597
Cross-site scripting (XSS) vulnerability in (1) search.php and (2) topics.php for Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the highlite parameter. • https://www.exploit-db.com/exploits/43824 http://forums.invisionpower.com/index.php?showtopic=168016 http://marc.info/?l=bugtraq&m=111539908705851&w=2 http://secunia.com/advisories/15265 http://securitytracker.com/id?1013907 http://www.gulftech.org/?node=research&article_id=00073-05052005 http://www.osvdb.org/16298 http://www.securityfocus.com/bid/13534 http://www.vupen.com/english/advisories/2005/0487 https://exchange.xforce.ibmcloud.com/vulnerabilities/20445 •