9 High
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.6%
SQL injection vulnerability in func_msg.php in Invision Power Board (IPB) 2.1.4 allows remote attackers to execute arbitrary SQL commands via the from_contact field in a private message (PM).
secunia.com/advisories/19861
securityreason.com/securityalert/813
www.osvdb.org/25021
www.securityfocus.com/archive/1/432248/100/0/threaded
www.securityfocus.com/bid/17719
exchange.xforce.ibmcloud.com/vulnerabilities/26107