Invision Power Services : Security Vulnerabilities, CVEs, Published In 2004 (Sql injection)

CVE-2004-1836

SQL injection vulnerability in index.php in Invision Power Top Site List 1.1 RC 2 and earlier allows remote attackers to execute arbitrary SQL via the id parameter of the comments action.
Max CVSS
7.5
EPSS Score
1.71%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-1835

Multiple SQL injection vulnerabilities in index.php in Invision Gallery 1.0.1 allow remote attackers to execute arbitrary SQL via the (1) img, (2) cat, (3) sort_key, (4) order_key, (5) user, or (6) album parameters.
Max CVSS
7.5
EPSS Score
0.94%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-1785

SQL injection vulnerability in calendar.php for Invision Power Board 1.3 allows remote attackers to execute arbitrary SQL commands via the m parameter, which sets the $this->chosen_month variable.
Max CVSS
7.5
EPSS Score
2.55%
Published
2004-01-03
Updated
2008-09-05

CVE-2004-1531

SQL injection vulnerability in post.php in Invision Power Board (IPB) 2.0.0 through 2.0.2 allows remote attackers to execute arbitrary SQL commands via the qpid parameter.
Max CVSS
7.5
EPSS Score
1.18%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-0338

SQL injection vulnerability in search.php for Invision Board Forum allows remote attackers to execute arbitrary SQL queries via the st parameter.
Max CVSS
10.0
EPSS Score
0.37%
Published
2004-11-23
Updated
2017-07-11
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close