Invision Power Services » Invision Power Board » 2.1_beta5 : Security Vulnerabilities, CVEs, Published In 2006 (Sql injection)

cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta5:*:*:*:*:*:*:*

CVE-2006-2204

SQL injection vulnerability in the topic deletion functionality (post_delete function in func_mod.php) for Invision Power Board 2.1.5 allows remote authenticated moderators to execute arbitrary SQL commands via the selectedpids parameter, which bypasses an integer value check when the $id variable is an array.
Max CVSS
5.5
EPSS Score
0.54%
Published
2006-05-05
Updated
2018-10-18

CVE-2006-2097

SQL injection vulnerability in func_msg.php in Invision Power Board (IPB) 2.1.4 allows remote attackers to execute arbitrary SQL commands via the from_contact field in a private message (PM).
Max CVSS
7.5
EPSS Score
1.12%
Published
2006-04-29
Updated
2018-10-18
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close