Search
Search Results (27 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-29477 | 1 Invisioncommunity | 1 Community | 2024-11-21 | 4.8 Medium |
| Invision Community 4.5.4 is affected by cross-site scripting (XSS) in the Field Name field. This vulnerability can allow an attacker to inject the XSS payload in Field Name and each time any user will open that, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload. | ||||
| CVE-2019-8278 | 1 Invisioncommunity | 1 Invision Power Board | 2024-11-21 | N/A |
| Stored XSS in Invision Power Board versions 3.3.1 - 3.4.8 leads to Remote Code Execution. | ||||
| CVE-2014-4928 | 1 Invisioncommunity | 1 Invision Power Board | 2024-11-21 | N/A |
| SQL injection vulnerability in Invision Power Board (aka IPB or IP.Board) before 3.4.6 allows remote attackers to execute arbitrary SQL commands via the cId parameter. | ||||
| CVE-2013-3725 | 1 Invisioncommunity | 1 Invision Power Board | 2024-11-21 | 9.8 Critical |
| Invision Power Board (IPB) through 3.x allows admin account takeover leading to code execution. | ||||
| CVE-2009-5159 | 2 Invisioncommunity, Microsoft | 2 Invision Power Board, Internet Explorer | 2024-11-21 | 6.1 Medium |
| Invision Power Board (aka IPB or IP.Board) 2.x through 3.0.4, when Internet Explorer 5 is used, allows XSS via a .txt attachment. | ||||
| CVE-2012-5692 | 2 Invisioncommunity, Invisionpower | 2 Invision Power Board, Invision Power Board | 2024-08-06 | N/A |
| Unspecified vulnerability in admin/sources/base/core.php in Invision Power Board (aka IPB or IP.Board) 3.1.x through 3.3.x has unknown impact and remote attack vectors. | ||||
| CVE-2012-2226 | 1 Invisioncommunity | 1 Invision Power Board | 2024-08-06 | 9.8 Critical |
| Invision Power Board before 3.3.1 fails to sanitize user-supplied input which could allow remote attackers to obtain sensitive information or execute arbitrary code by uploading a malicious file. | ||||