CVE-2006-2498
CVE-2006-2498 affects Invision Power Board (IPB) before 2.1.6. Remote attackers can cause arbitrary PHP script execution via two vectors: (1) the post_icon variable in classes/post/class_post.php, and (2) the df value in action_public/moderate.php. This vulnerability enables remote code execution...