Invision Board Security Vulnerabilities and Issues — Invision Board CVE List

Lucene search

Invision Power ServicesInvision Board

5 matches found

CVE•added 2005/05/16 4:0 a.m.•46 views

CVE-2005-1598

SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted cookie password hash (pass_hash) that modifies the internal $pid variable.

7.5CVSS8.4AI score0.07777EPSS

CVE•added 2005/04/12 4:0 a.m.•41 views

CVE-2005-1070

SQL injection vulnerability in index.php in Invision Power Board 1.3.1 Final and earlier allows remote attackers to execute arbitrary SQL commands via the st parameter.

7.5CVSS8.4AI score0.00396EPSS

CVE•added 2005/02/19 5:0 a.m.•40 views

CVE-2004-1531

SQL injection vulnerability in post.php in Invision Power Board (IPB) 2.0.0 through 2.0.2 allows remote attackers to execute arbitrary SQL commands via the qpid parameter.

7.5CVSS8.4AI score0.00708EPSS

CVE•added 2006/07/13 12:5 a.m.•30 views

CVE-2006-3544

Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 1.3 Final allow remote attackers to execute arbitrary SQL commands via the CODE parameter in a (1) Stats, (2) Mail, and (3) Reg action in index.php. NOTE: the developer has disputed this issue, stating that "At no point does the C...

7.5CVSS8.8AI score0.00675EPSS

CVE•added 2005/05/10 4:0 a.m.•28 views

CVE-2004-1785

SQL injection vulnerability in calendar.php for Invision Power Board 1.3 allows remote attackers to execute arbitrary SQL commands via the m parameter, which sets the $this->chosen_month variable.

7.5CVSS8.4AI score0.01121EPSS