// For flags

CVE-2016-6174

IPS Community Suite 4.1.12.3 - PHP Code Injection

Severity Score

8.1
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

3
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arbitrary code via the content_class parameter.

applications/core/modules/front/system/content.php en Invision Power Services IPS Community Suite (también conocido como Invision Power Board, IPB o Power Board) en versiones anteriores a 4.1.13, cuando se utiliza con PHP en versiones anteriores a 5.4.24 o 5.5.x en versiones anteriores a 5.5.8, permite a atacantes remotos ejecutar código arbitrario a través del parámetro content_class.

IPS Community Suite versions 4.1.12.3 and below suffer from a remote PHP code injection vulnerability.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2016-07-06 CVE Reserved
  • 2016-07-07 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Invisioncommunity
Search vendor "Invisioncommunity"
Invision Power Board
Search vendor "Invisioncommunity" for product "Invision Power Board"
<= 4.1.12.3
Search vendor "Invisioncommunity" for product "Invision Power Board" and version " <= 4.1.12.3"
-
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
<= 5.4.23
Search vendor "Php" for product "Php" and version " <= 5.4.23"
-
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.0
Search vendor "Php" for product "Php" and version "5.5.0"
-
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.0
Search vendor "Php" for product "Php" and version "5.5.0"
alpha1
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.0
Search vendor "Php" for product "Php" and version "5.5.0"
alpha2
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.0
Search vendor "Php" for product "Php" and version "5.5.0"
alpha3
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.0
Search vendor "Php" for product "Php" and version "5.5.0"
alpha4
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.0
Search vendor "Php" for product "Php" and version "5.5.0"
alpha5
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.0
Search vendor "Php" for product "Php" and version "5.5.0"
alpha6
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.0
Search vendor "Php" for product "Php" and version "5.5.0"
beta1
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.0
Search vendor "Php" for product "Php" and version "5.5.0"
beta2
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.0
Search vendor "Php" for product "Php" and version "5.5.0"
beta3
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.0
Search vendor "Php" for product "Php" and version "5.5.0"
beta4
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.0
Search vendor "Php" for product "Php" and version "5.5.0"
rc1
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.0
Search vendor "Php" for product "Php" and version "5.5.0"
rc2
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.1
Search vendor "Php" for product "Php" and version "5.5.1"
-
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.2
Search vendor "Php" for product "Php" and version "5.5.2"
-
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.3
Search vendor "Php" for product "Php" and version "5.5.3"
-
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.4
Search vendor "Php" for product "Php" and version "5.5.4"
-
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.5
Search vendor "Php" for product "Php" and version "5.5.5"
-
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.6
Search vendor "Php" for product "Php" and version "5.5.6"
-
Affected
Php
Search vendor "Php"
Php
Search vendor "Php" for product "Php"
5.5.7
Search vendor "Php" for product "Php" and version "5.5.7"
-
Affected