Sql injection

2006-04-2910:02:00

PRIOn knowledge base

www.prio-n.com

9 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.6%

JSON

SQL injection vulnerability in func_msg.php in Invision Power Board (IPB) 2.1.4 allows remote attackers to execute arbitrary SQL commands via the from_contact field in a private message (PM).

CPENameOperatorVersion
invision_power_boardeq2.1.0-beta2
invision_power_boardeq1.0
invision_power_boardeq1.1.2
invision_power_boardeq2.0.4
invision_power_boardeq2.1.0-rc1
invision_power_boardeq2.1.1
invision_power_boardeq2.1.0-alpha2
invision_power_boardeq1.1.1
invision_power_boardeq2.1.2
invision_power_boardeq2.1.3

Name	Operator	Version
invision_power_board	eq	2.1.0-beta2
invision_power_board	eq	1.0
invision_power_board	eq	1.1.2
invision_power_board	eq	2.0.4
invision_power_board	eq	2.1.0-rc1
invision_power_board	eq	2.1.1
invision_power_board	eq	2.1.0-alpha2
invision_power_board	eq	1.1.1
invision_power_board	eq	2.1.2
invision_power_board	eq	2.1.3

Rows per page:

1-10 of 261

References

secunia.com/advisories/19861

securityreason.com/securityalert/813

www.osvdb.org/25021

www.securityfocus.com/archive/1/432248/100/0/threaded

www.securityfocus.com/bid/17719

exchange.xforce.ibmcloud.com/vulnerabilities/26107