124 matches found
[Full-disclosure] SQL Injection in IPB <=2.1.3
Well this would be NDSD-06-002 but n3td3v seems to have really left.......All relevant details are in the message below, the SQL injection was patched within a day http://forums.invisionpower.com/index.php?showtopic=204627, I believe the other problems still exist. -----Original Message----- From...
CVE-2006-4155
CVE-2006-4155 affects Invision Power Board (IPB) prior to 2.1.7. The vulnerability is in func_topic_threaded.php (threaded view mode) and allows remote attackers to access posts outside the topic. The available references describe the issue as an unspecified vulnerability with network exposure (b...
CVE-2006-3543
Multiple SQL injection vulnerabilities affect Invision Power Board (IPB) 1.x–2.x. The issues enable remote attackers to inject SQL through parameters in index.php and coins_list.php, including: idcat, code, id, CODE, ketqua action, and member_id in various actions (ketqua, Attach, ref, Profile, L...
CVE-2006-3544
Invision Power Board 1.3 Final is affected by multiple SQL injection vulnerabilities via the CODE parameter in index.php actions (Stats, Mail, Reg). The underlying issue is described as CODE being used in a SWITCH to select a function, with attackers potentially modifying CODE to execute SQL comm...
CVE-2006-3197
Invision Power Board (IPB) 2.1.6 and earlier contains a Cross-site scripting (XSS) vulnerability. A POST request carrying hexadecimal-encoded HTML can allow an attacker to inject arbitrary web script/HTML. The affected component is the IPB posting handler (as described in the CVE). The available ...
View Topic Flood phpBB, MercuryBoard, Vbulletin, Ipb
Author: SpiderZ Exploit: http://spiderz.netsons.org/exploit/10.txt...
CVE-2006-2498
CVE-2006-2498 affects Invision Power Board (IPB) before 2.1.6. Remote attackers can cause arbitrary PHP script execution via two vectors: (1) the post_icon variable in classes/post/class_post.php, and (2) the df value in action_public/moderate.php. This vulnerability enables remote code execution...
invision215-SQL.txt
!/usr/bin/perl IPB =2.1.4 exploit possibly 2.1.5 too Brought to you by the Ykstortion security team. The bug is in the pm system so you must have a registered user. The exploit will extract a password hash from the forum's data base of the target user. You need to know the target user's member ID...
Invision Power Board <= 2.1.5 (from_contact) SQL Injection Exploit
No description provided by source. !/usr/bin/perl IPB =2.1.4 exploit possibly 2.1.5 too Brought to you by the Ykstortion security team. The bug is in the pm system so you must have a registered user. The exploit will extract a password hash from the forum's data base of the target user. You need ...
Invision Power Board 2.1.5 - from_contact SQL Injection
Invision Power Board 2.1.5 - fromcontact SQL Injection !/usr/bin/perl IPB =2.1.4 exploit possibly 2.1.5 too Brought to you by the Ykstortion security team. The bug is in the pm system so you must have a registered user. The exploit will extract a password hash from the forum's data base of the...
Invision Power Board <= 2.1.5 (from_contact) SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================================== Invision Power Board = 2.1.5 fromcontact SQL Injection Exploit ================================================================== !/usr/bin/perl IPB =2.1.4 exploit possibly...
Invision Power Board 2.1.5 - 'from_contact' SQL Injection
!/usr/bin/perl IPB =2.1.4 exploit possibly 2.1.5 too Brought to you by the Ykstortion security team. The bug is in the pm system so you must have a registered user. The exploit will extract a password hash from the forum's data base of the target user. You need to know the target user's member ID...
CVE-2006-2097
CVE-2006-2097 concerns Invision Power Board (IPB) 2.1.4, where SQL injection is possible in func_msg.php via the from_contact field in a private message. The vulnerability could allow remote attackers to modify or extract data by injecting SQL commands. Documentation confirms the affected compone...
ibp-2.1.4-xpl.txt
This exploit has only been tested on 2.1.4. Others are most likely vulnerable but have not yet been tested. Simple SQL injection in funcmsg.php on line 448. tobyid is not properly sanitized. It's passed to the class via an instance of the messenger class, which takes it from the ipb sanitized inp...
Invision Power Board <= 2.1.5 search.php Remote Code Execution Exploit
No description provided by source. !/usr/bin/perl Wed Apr 26 16:44:15 CEST 2006 [email protected] INVISION POWER BOARD 2.1.5 www.invisionboard.com pr00f 0f c0ncept remote command execution. vuln credits goes to IceShaman. works only if you have perms to post a comment. Exploit with replye is in m...
SQL injection exploit IPB <= 2.1.4
This exploit has only been tested on 2.1.4. Others are most likely vulnerable but have not yet been tested. Simple SQL injection in funcmsg.php on line 448. tobyid is not properly sanitized. It's passed to the class via an instance of the messenger class, which takes it from the ipb sanitized inp...
CVE-2006-2060
CVE-2006-2060 affects Invision Power Board (IPB) 2.0.x/2.1.x with the vulnerable PHP file action_admin/paysubscriptions.php . The issue is a directory-traversal via a leading ".." in the name parameter, when preceded by enough backspace characters (%08) to erase the initial static portion of a fi...
CVE-2006-2061
CVE-2006-2061 : SQL injection in Invision Power Board (IPB) 2.1.x and 2.0.x before 20060425 via the ck parameter in lib/func_taskmanager.php allows remote attackers to execute arbitrary SQL commands. The vulnerability is triggered by input that is injected into database queries, with up to 32 cha...
CVE-2006-2059
Invision Power Board (IPB) 2.0.x and 2.1.x before 20060425 are affected. The vulnerability lies in action_public/search.php where a crafted lastdate parameter can cause a regular expression to add a #e (execute) modifier, allowing remote attackers to execute arbitrary PHP code. This is a remote c...
IPB <= 2.1.5 SQL inj. vuln.
IPB = 2.1.5 SQL inj. vuln. Vuln. discovered by : r0t Date: 19 april 2006 vendorlink:http://www.invisionboard.com/ affected versions:2.1.5 and previous orginal advisory: http://pridels.blogspot.com/2006/04/ipb-215-sql-inj-vuln.html Vuln. Description: IPB contains a flaw that allows a remote sql...