Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Invision Power Board Security Vulnerabilities - CVSS Score 9 - 10

cve
cve

CVE-2012-2226

Invision Power Board before 3.3.1 fails to sanitize user-supplied input which could allow remote attackers to obtain sensitive information or execute arbitrary code by uploading a malicious file.

9.8CVSS

9.4AI Score

0.027EPSS

2020-01-09 09:15 PM
40
cve
cve

CVE-2013-3725

Invision Power Board (IPB) through 3.x allows admin account takeover leading to code execution.

9.8CVSS

9.5AI Score

0.005EPSS

2020-02-12 07:15 PM
28
cve
cve

CVE-2017-8898

Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has stored XSS in the Announcements, allowing privilege escalation from an Invision Power Board moderator to an admin. An attack uses the announce_content parameter in an index.php?/modcp/announcements/&action=create request. This i...

9.8CVSS

9.1AI Score

0.008EPSS

2017-05-11 05:29 PM
29