EUVD-2014-5004

Malware in sbrugna...

EUVD-2014-3167

Malware in sbrugna...

CVE-2009-5159

Invision Power Board (IPB) 2.x–3.0.4 is affected by a cross-site scripting (XSS) vulnerability that can be triggered via a .txt attachment when using Internet Explorer 5. The issue is explicitly described as XSS, but the available documents do not provide deeper details on the root cause beyond t...

Sql injection

SQL injection vulnerability in Invision Power Board aka IPB or IP.Board before 3.4.6 allows remote attackers to execute arbitrary SQL commands via the cId parameter...

CVE-2014-4928

CVE-2014-4928 describes an SQL injection in Invision Power Board (IPB/IP.Board) prior to version 3.4.6. The vulnerability allows a remote attacker to execute arbitrary SQL commands through the cId parameter. Multiple connected documents corroborate the affected product (IPB/IP.Board) and the vuln...

IP.Board 4.1.4.x - Persistent 跨站脚本 漏洞

No description provided by source...

Invision Power Board 4.1.4.x - Persistent XSS Vulnerability

Exploit for php platform in category web applications Exploit Title: IP.Board Persistent XSS Vulnerability Date: 29/10/2015 Software Link: https://www.invisionpower.com/buy Software version : 4.1.4.x Exploit Author: Mehdi Alouache Contact: email protected Category: webapps 1. Description Any...

Invision Power Board (IP.Board) 4.1.4.x - Persistent Cross-Site Scripting

Exploit Title: IP.Board Persistent XSS Vulnerability Date: 29/10/2015 Software Link: https://www.invisionpower.com/buy Software version : 4.1.4.x Exploit Author: Mehdi Alouache Contact: [email protected] Category: webapps 1. Description Any registered user can execute remote...

IP.Board 4.X - Stored XSS Vulnerability

Exploit for php platform in category web applications Exploit Title: IP.Board 4.X Stored XSS Date: 27-08-2015 Software Link: https://www.invisionpower.com/ Exploit Author: snop. Contact: http://twitter.com/rabbitzorg Website: http://rabbitz.org Category: webapps 1. Description A registered or...

Invision Power Board (IP.Board) 4.x - Persistent Cross-Site Scripting

Invision Power Board IP.Board 4.x - Persistent Cross-Site Scripting Exploit Title: IP.Board 4.X Stored XSS Date: 27-08-2015 Software Link: https://www.invisionpower.com/ Exploit Author: snop. Contact: http://twitter.com/rabbitzorg Website: http://rabbitz.org Category: webapps 1. Description A...

Invision Power Board (IP.Board) < 2.0.3 - Multiple Vulnerabilities

IP.Board Multiple Vulnerabilities Vendor: Invision Power Services Product: IP.Board Version: = 2.0.3 Website: http://www.invisionboard.com/ BID: 13529 13534 CVE: CVE-2005-1597 CVE-2005-1598 OSVDB: 16297 16298 SECUNIA: 15265 PACKETSTORM: 39098 Description: Invision Power Board IPB is a professiona...

CVE-2014-9239

This CVE refers to a SQL injection vulnerability in the IPS Connect service (interface/ipsconnect/ipsconnect.php) of Invision Power Board (IPB/IP.Board) 3.3.x and 3.4.x up to 3.4.7, exploitable via the id[] parameter. The underlying issue allows remote attackers to execute arbitrary SQL commands....

IP.Board 3.4.x /interface/ipsconnect/ipsconnect.php SQL注入漏洞

No description provided by source...

IP.Board 3.4.7 SQL Injection

!/usr/bin/env python Sunday, November 09, 2014 - [email protected] IP.Board - http://sourceforge.net/projects/socksipy/ import socks, socket socks.setdefaultproxysocks.PROXYTYPESOCKS5, "127.0.0.1", 9050 socket.socket = socks.socksocket import urllib2, urllib def injectsql: try:...

IP.Board 3.4 cross-site scripting in Referer header

+-------------------------------------------------------------------- + + IP.Board 3.4 cross-site scripting in Referer header + +-------------------------------------------------------------------- + vendor site........: http://www.invisionpower.com + Affected Software .: IP.Board 3.4 + Class...

CVE-2014-3149 - Reflected Cross-Site Scripting (XSS) in "Invision Power IP.Board"

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-3149 =================== "Reflected Cross-Site Scripting XSS" CWE-79 vulnerability in "Invision Power IP.Board" product Vendor =================== Invision Power Services Inc. Product =================== IP.Board "IP.Board is the leading...

Invision Power Board (IP.Board) 3.x - Cross-Site Request Forgery / Token Hjiacking

Title: IP Board 3.x CSRF - Token hjiacking Date: 03.09.14 Version: = 3.4.6 Vendor: invisionpower.com Author: Piotr S. Video-PoC: https://www.youtube.com/watch?v=G5P21TA4DjY 1 Introduction Latest and propabbly previous IPB verions suffers on vulnerability, which allows attacker to steal CSRF token...

Invision Power Board (IP.Board) 3.x - Cross-Site Request Forgery Token Hjiacking

Invision Power Board IP.Board 3.x - Cross-Site Request Forgery Token Hjiacking Title: IP Board 3.x CSRF - Token hjiacking Date: 03.09.14 Version: = 3.4.6 Vendor: invisionpower.com Author: Piotr S. Video-PoC: https://www.youtube.com/watch?v=G5P21TA4DjY 1 Introduction Latest and propabbly previous...

CVE-2014-5106

Cross-site scripting XSS vulnerability in Invision Power IP.Board aka IPB or Power Board 3.4.x through 3.4.6 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to admin/install/index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in Invision Power IP.Board aka IPB or Power Board 3.4.x through 3.4.6 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to admin/install/index.php...