INVISION POWER BOARD 2.1.7 ACTIVE XSS/SQL INJECTION EXPLOIT

---- INVISION POWER BOARD 2.1.7 EXPLOIT ... ITDefence.ru Antichat.ru INVISION POWER BOARD 2.1.7 ACTIVE XSS/SQL INJECTION Eugene Minaev [email protected] / / . / /// // / / // / / / /// / / / / / // / / / / / / / / / / / / / / / / / // / / / / // / // / / / // 2007 //// // // // // / . -...

[Full-disclosure] Invision Power Board 2.1.7 debug mode vulnerability

Debug mode is a feature in IPB 2.0.0-2.1.7 that shows all database queries for each forum page requested. If Debug mode is turned on, it is possible for anyone to request a forgotten password for an account, and capture the validation key that is sent to the account's email address. This allows a...