CVE-2006-2097

2006-04-2910:00:00

mitre

www.cve.org

8.3 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.6%

JSON

SQL injection vulnerability in func_msg.php in Invision Power Board (IPB) 2.1.4 allows remote attackers to execute arbitrary SQL commands via the from_contact field in a private message (PM).

References

secunia.com/advisories/19861

securityreason.com/securityalert/813

www.osvdb.org/25021

www.securityfocus.com/archive/1/432248/100/0/threaded

www.securityfocus.com/bid/17719

exchange.xforce.ibmcloud.com/vulnerabilities/26107