CVSS: 9.8EPSS: 7%CPEs: 9EXPL: 4CVE-2005-1598 – Invision Power Board 2.0.3 - 'login.php' SQL Injection
https://notcve.org/view.php?id=CVE-2005-1598
16 May 2005 — SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted cookie password hash (pass_hash) that modifies the internal $pid variable. • https://www.exploit-db.com/exploits/1013 •
CVSS: 6.8EPSS: 1%CPEs: 2EXPL: 1CVE-2005-1443
https://notcve.org/view.php?id=CVE-2005-1443
03 May 2005 — Multiple cross-site scripting (XSS) vulnerabilities in index.php for Invision Power Board (IPB) 2.0.3 and 2.1 Alpha 2 allows remote attackers to inject arbitrary web script or HTML via the (1) act, (2) Members, (3) calendar, or (4) HID parameters. • http://securitytracker.com/id?1013863 •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 1CVE-2005-0477 – Invision Power Board (IP.Board) 1.x/2.0.3 - SML Code Script Injection
https://notcve.org/view.php?id=CVE-2005-0477
19 Feb 2005 — Cross-site scripting (XSS) vulnerability in the SML code for Invision Power Board 1.3.1 FINAL allows remote attackers to inject arbitrary web script via (1) a signature file or (2) a message post containing an IMG tag within a COLOR tag whose style is set to background:url. Vulnerabilidad de secuencias de comandos en sitios cruzados en el código SML de Invision Power Board 1.3.1 FINAL permite a atacantes remotos la inyección de sripts arbitrarios mediante: un fichero de firmas, un mensaje que contiene una e... • https://www.exploit-db.com/exploits/25143 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2004-1578
https://notcve.org/view.php?id=CVE-2004-1578
31 Dec 2004 — Cross-site scripting (XSS) vulnerability in index.php in Invision Power Board 2.0.0 allows remote attackers to execute arbitrary web script or HTML via the Referer field in the HTTP header. • http://marc.info/?l=bugtraq&m=109701091207517&w=2 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2004-2279
https://notcve.org/view.php?id=CVE-2004-2279
31 Dec 2004 — Cross-site scripting (XSS) vulnerability in Invision Power Board 1.3 Final allows remote attackers to execute arbitrary script as other users via the pop parameter in a chat action to index.php. • http://archives.neohapsis.com/archives/bugtraq/2004-03/0082.html •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 2CVE-2003-1385 – Invision Board 1.1.1 - 'ipchat.php' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2003-1385
31 Dec 2003 — ipchat.php in Invision Power Board 1.1.1 allows remote attackers to execute arbitrary PHP code, if register_globals is enabled, by modifying the root_path parameter to reference a URL on a remote web server that contains the code. • https://www.exploit-db.com/exploits/22295 • CWE-94: Improper Control of Generation of Code ('Code Injection') •