CVSS: 10.0EPSS: 96%CPEs: 9EXPL: 3CVE-2012-5692 – Invision Power Board (IP.Board) 3.3.4 - 'Unserialize()' PHP Code Execution
https://notcve.org/view.php?id=CVE-2012-5692
Unspecified vulnerability in admin/sources/base/core.php in Invision Power Board (aka IPB or IP.Board) 3.1.x through 3.3.x has unknown impact and remote attack vectors. Vulnerabilidad no específica en admin/sources/base/core.php en Invision Power Board (también conocido como IPB o IP.Board) v3.1.x hasta v3.3.x tiene un impacto y vectores de ataque desconocidos. • https://www.exploit-db.com/exploits/22686 https://www.exploit-db.com/exploits/22398 https://www.exploit-db.com/exploits/22547 http://community.invisionpower.com/topic/371625-ipboard-31x-32x-and-33x-security-update http://secunia.com/advisories/51104 http://www.securityfocus.com/bid/56288 •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1CVE-2012-2226 – Invision Power Board 3.3.0 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2012-2226
Invision Power Board before 3.3.1 fails to sanitize user-supplied input which could allow remote attackers to obtain sensitive information or execute arbitrary code by uploading a malicious file. Invision Power Board versiones anteriores a 3.3.1, no logra sanear las entradas suministradas por el usuario, lo que podría permitir a atacantes remotos obtener información confidencial o ejecutar código arbitrario mediante la carga de un archivo malicioso. Invision Power Board version 3.3.0 suffers from a local file inclusion vulnerability. • https://www.exploit-db.com/exploits/18736 http://www.securityfocus.com/bid/52998 https://exchange.xforce.ibmcloud.com/vulnerabilities/74855 • CWE-434: Unrestricted Upload of File with Dangerous Type •