NotCVE - vendor:"Invision Power Services" product:"Invision Power Board" version:"2.1.0"

Page 6 of 34 results (0.001 seconds)

CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 0

CVE-2006-2204

https://notcve.org/view.php?id=CVE-2006-2204

SQL injection vulnerability in the topic deletion functionality (post_delete function in func_mod.php) for Invision Power Board 2.1.5 allows remote authenticated moderators to execute arbitrary SQL commands via the selectedpids parameter, which bypasses an integer value check when the $id variable is an array. • http://forums.invisionpower.com/index.php?showtopic=214248&view=getnewpo http://secunia.com/advisories/19901 http://securityreason.com/securityalert/551 http://www.securityfocus.com/archive/1/432591/100/0/threaded http://www.securityfocus.com/archive/1/432948/30/0/threaded http://www.securityfocus.com/bid/17837 http://www.vupen.com/english/advisories/2006/1605 https://exchange.xforce.ibmcloud.com/vulnerabilities/26190 •

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 1

CVE-2006-2217 – Invision Power Board 2.0/2.1 - 'index.php' SQL Injection

https://notcve.org/view.php?id=CVE-2006-2217

SQL injection vulnerability in index.php in Invision Power Board allows remote attackers to execute arbitrary SQL commands via the pid parameter in a reputation action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. • https://www.exploit-db.com/exploits/27818 http://www.securityfocus.com/bid/17839 •

CVSS: 7.5EPSS: 1%CPEs: 26EXPL: 2

CVE-2006-2097 – Invision Power Board 2.1.5 - 'from_contact' SQL Injection

https://notcve.org/view.php?id=CVE-2006-2097

SQL injection vulnerability in func_msg.php in Invision Power Board (IPB) 2.1.4 allows remote attackers to execute arbitrary SQL commands via the from_contact field in a private message (PM). • https://www.exploit-db.com/exploits/1733 http://secunia.com/advisories/19861 http://securityreason.com/securityalert/813 http://www.osvdb.org/25021 http://www.securityfocus.com/archive/1/432248/100/0/threaded http://www.securityfocus.com/bid/17719 https://exchange.xforce.ibmcloud.com/vulnerabilities/26107 •

CVSS: 6.8EPSS: 15%CPEs: 3EXPL: 0

CVE-2006-1369

https://notcve.org/view.php?id=CVE-2006-1369

Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.1.5 and earlier before 20060308 allows remote attackers to inject arbitrary web script or HTML via a Private Message (PM) in certain circumstances. • http://forums.invisionpower.com/index.php?showtopic=209178 http://secunia.com/advisories/19299 http://www.securityfocus.com/bid/17187 http://www.vupen.com/english/advisories/2006/1044 https://exchange.xforce.ibmcloud.com/vulnerabilities/25384 •

CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2006-1287

https://notcve.org/view.php?id=CVE-2006-1287

Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.0.4 and 2.1.4 before 20060130 allows remote attackers to steal cookies and probably conduct other activities when the victim is using Internet Explorer. • http://forums.invisionpower.com/index.php?showtopic=206790 http://secunia.com/advisories/19141 http://www.vupen.com/english/advisories/2006/0861 •

1...4 5 6 7