NotCVE - vendor:"Invision Power Services" product:"Invision Power Board" version:"2.1.5

Page 4 of 35 results (0.004 seconds)

CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2006-1369

https://notcve.org/view.php?id=CVE-2006-1369

23 Mar 2006 — Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.1.5 and earlier before 20060308 allows remote attackers to inject arbitrary web script or HTML via a Private Message (PM) in certain circumstances. • http://forums.invisionpower.com/index.php?showtopic=209178 •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2

CVE-2006-1076 – Invision Power Board 2.1.5 - showtopic SQL Injection

https://notcve.org/view.php?id=CVE-2006-1076

09 Mar 2006 — SQL injection vulnerability in index.php, possibly during a showtopic operation, in Invision Power Board (IPB) 2.1.5 allows remote attackers to execute arbitrary SQL commands via the st parameter. • https://www.exploit-db.com/exploits/27361 •

CVSS: 9.1EPSS: 0%CPEs: 15EXPL: 0

CVE-2006-0909

https://notcve.org/view.php?id=CVE-2006-0909

28 Feb 2006 — Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to view sensitive information via a direct request to multiple PHP scripts that include the full path in error messages, including (1) PEAR/Text/Diff/Renderer/inline.php, (2) PEAR/Text/Diff/Renderer/unified.php, (3) PEAR/Text/Diff3.php, (4) class_db.php, (5) class_db_mysql.php, and (6) class_xml.php in the ips_kernel/ directory; (7) mysql_admin_queries.php, (8) mysql_extra_queries.php, (9) mysql_queries.php, and (10) mysql_subsm_queries.ph... • http://neosecurityteam.net/advisories/Advisory-16.txt •

CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0

CVE-2006-0910

https://notcve.org/view.php?id=CVE-2006-0910

28 Feb 2006 — Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to list directory contents via a direct request to multiple directories, including (1) sources/loginauth/convert/, (2) sources/portal_plugins/, (3) cache/skin_cache/cacheid_2/, (4) ips_kernel/PEAR/, (5) ips_kernel/PEAR/Text/, (6) ips_kernel/PEAR/Text/Diff/, (7) ips_kernel/PEAR/Text/Diff/Renderer/, (8) style_images/1/folder_rte_files/, (9) style_images/1/folder_js_skin/, (10) style_images/1/folder_rte_images/, and (11) upgrade/ and its subd... • http://neosecurityteam.net/advisories/Advisory-16.txt •

CVSS: 6.8EPSS: 1%CPEs: 2EXPL: 1

CVE-2005-1443

https://notcve.org/view.php?id=CVE-2005-1443

03 May 2005 — Multiple cross-site scripting (XSS) vulnerabilities in index.php for Invision Power Board (IPB) 2.0.3 and 2.1 Alpha 2 allows remote attackers to inject arbitrary web script or HTML via the (1) act, (2) Members, (3) calendar, or (4) HID parameters. • http://securitytracker.com/id?1013863 •

1 2 3 4