Page 2 of 19 results (0.005 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

SQL injection vulnerability in Invision Power Board (aka IPB or IP.Board) before 3.4.6 allows remote attackers to execute arbitrary SQL commands via the cId parameter. Vulnerabilidad de inyección SQL en Invision Power Board (también conocido como IPB o IP.Board), en versiones anteriores a la 3.4.6, permite que atacantes remotos ejecuten comandos SQL arbitrarios mediante el parámetro cld. • http://dringen.blogspot.com.au/2014/07/invision-power-board-blind-sql.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 3

Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP. This can be triggered by any Invision Power Board user and can be used to gain access to moderator/admin accounts. The primary cause is the ability to upload an SVG document with a crafted attribute such an onload; however, full path disclosure is required for exploitation. Invision Power Services (IPS) Community Suite 4.1.19.2 y anteriores tienen un XSS almacenado y un problema de fuga de información en la funcionalidad de adjuntos en User CP. Puede ser utilizada por cualquier usuario Invision Power Board para ganar acceso a cuentas moderador/admin. • http://zeroday.insecurity.zone/exploits/ipb_owned.txt https://twitter.com/insecurity/status/862154908895780864 https://twitter.com/sxcurity/status/862284967715381248 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has pre-auth reflected XSS in the IPS UTF8 Converter v1.1.18: admin/convertutf8/index.php?controller= is the attack vector. This UTF8 Converter vulnerability can easily be used to make a malicious announcement affecting any Invision Power Board user who views the announcement. Invision Power Services (IPS) Community Suite 4.1.19.2 y anteriores tiene XSS reflejado previo a la autenticación en el IPS UTF8 Converter v1.1.18: El vector de ataque es admin/convertutf8/index.php?Controller=. • http://zeroday.insecurity.zone/exploits/ipb_owned.txt https://twitter.com/insecurity/status/862154908895780864 https://twitter.com/sxcurity/status/862284967715381248 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 3

Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has stored XSS in the Announcements, allowing privilege escalation from an Invision Power Board moderator to an admin. An attack uses the announce_content parameter in an index.php?/modcp/announcements/&action=create request. This is related to the "<> Source" option. Invision Power Services (IPS) Community Suite 4.1.19.2 y anteriores tienen un XSS almacenado en Announcements, permitiendo escalada de privilegios desde un moderador Invision Power Board hasta admin. • http://zeroday.insecurity.zone/exploits/ipb_owned.txt https://twitter.com/insecurity/status/862154908895780864 https://twitter.com/sxcurity/status/862284967715381248 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

Invision Power Services (IPS) Community Suite before 4.1.9 makes session hijack easier by relying on the PHP uniqid function without the more_entropy flag. Attackers can guess an Invision Power Board session cookie if they can predict the exact time of cookie generation. Invision Power Services (IPS) Community Suite en versiones anteriores a 4.1.9 hace más fácil el secuestro de sesión confiando en la función uniqid de PHP sin el indicador more_entropy. Los atacantes pueden adivinar una cookie de sesión de Invision Power Board si pueden predecir el tiempo exacto de la generación de cookie • https://invisionpower.com/release-notes/419-r37 https://medium.com/%40iancarroll/bypassing-authentication-in-invision-power-board-with-cve-2016-2564-9a24ea3655f9 • CWE-331: Insufficient Entropy •