Invision Power Board Security Vulnerabilities and Issues — Invision Power Board CVE List

Lucene search

InvisioncommunityInvision Power Board

3 matches found

CVE•added 2014/12/03 9:59 p.m.•42 views

CVE-2014-9239

SQL injection vulnerability in the IPS Connect service (interface/ipsconnect/ipsconnect.php) in Invision Power Board (aka IPB or IP.Board) 3.3.x and 3.4.x through 3.4.7 before 20141114 allows remote attackers to execute arbitrary SQL commands via the id[] parameter.

7.5CVSS8.7AI score0.0036EPSS

CVE•added 2014/07/28 3:55 p.m.•36 views

CVE-2014-5106

Cross-site scripting (XSS) vulnerability in Invision Power IP.Board (aka IPB or Power Board) 3.4.x through 3.4.6 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to admin/install/index.php.

4.3CVSS5.9AI score0.00254EPSS

CVE•added 2014/07/03 2:55 p.m.•33 views

CVE-2014-3149

Cross-site scripting (XSS) vulnerability in Invision Power IP.Board (aka IPB or Power Board) 3.3.x and 3.4.x through 3.4.6, as downloaded before 20140424, or IP.Nexus 1.5.x through 1.5.9, as downloaded before 20140424, allows remote attackers to inject arbitrary web script or HTML via unspecified v...

4.3CVSS5.8AI score0.00365EPSS