Invision Board@1.3 final Security Vulnerabilities and Issues — Invision Board@1.3 final CVE List

Lucene search

Invision Power ServicesInvision Board1.3 final

6 matches found

CVE•added 2004/11/23 5:0 a.m.•123 views

CVE-2004-0359

Cross-site scripting (XSS) vulnerability in index.php for Invision Power Board 1.3 final allows remote attackers to execute arbitrary script as other users via the (1) c, (2) f, (3) showtopic, (4) showuser, or (5) username parameters.

6.8CVSS6.6AI score0.01858EPSS

CVE•added 2005/06/01 4:0 a.m.•46 views

CVE-2005-1816

Invision Power Board (IPB) 1.0 through 2.0.4 allows non-root admins to add themselves or other users to the root admin group via the "Move users in this group to" screen.

4.6CVSS6.6AI score0.00064EPSS

CVE•added 2005/05/02 4:0 a.m.•43 views

CVE-2005-0886

Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP POST request.

4.3CVSS5.8AI score0.00462EPSS

CVE•added 2005/04/12 4:0 a.m.•41 views

CVE-2005-1070

SQL injection vulnerability in index.php in Invision Power Board 1.3.1 Final and earlier allows remote attackers to execute arbitrary SQL commands via the st parameter.

7.5CVSS8.4AI score0.00396EPSS

CVE•added 2005/06/01 4:0 a.m.•38 views

CVE-2005-1817

Invision Power Board (IPB) 1.0 through 1.3 allows remote attackers to edit arbitrary forum posts via a direct request to index.php with modified parameters.

5CVSS7.2AI score0.02953EPSS

CVE•added 2006/07/13 12:5 a.m.•30 views

CVE-2006-3544

Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 1.3 Final allow remote attackers to execute arbitrary SQL commands via the CODE parameter in a (1) Stats, (2) Mail, and (3) Reg action in index.php. NOTE: the developer has disputed this issue, stating that "At no point does the C...

7.5CVSS8.8AI score0.00675EPSS