Secunia Logo  
 Vulnerability InformationVulnerability ScanningCommunityBlogCorporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Information > Secunia Advisories > Advisories by Product > Invision Power Board 2.x
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About


Secunia PSI WorldMap 		 
Vulnerability Report: Invision Power Board 2.x
This vulnerability report for Invision Power Board 2.x contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.

If you have information about a new or an existing vulnerability in Invision Power Board 2.x then you are more than welcome to contact us.


Table of Contents

1. Product Summary Only

2. Secunia Advisory Statistics (All time)
2.1. Statistics for 2009
2.2. Statistics for 2008
2.3. Statistics for 2007
2.4. Statistics for 2006
2.5. Statistics for 2005
2.6. Statistics for 2004
2.7. Statistics for 2003

3. List of Secunia Advisories (All time)
3.1. List for 2009
3.2. List for 2008
3.3. List for 2007
3.4. List for 2006
3.5. List for 2005
3.6. List for 2004
3.7. List for 2003

4. Send Feedback
 
Vendor, Links, and Unpatched Vulnerabilities

Vendor Invision Power Services

Product Link View Here (Link to external site)

Affected By 26 Secunia advisories
33 Vulnerabilities

Monitor Product Receive alerts for this product

Unpatched 0% (0 of 26 Secunia advisories)

Most Critical Unpatched
There are no unpatched Secunia advisories affecting this product, when all vendor patches are applied..




26 Secunia Advisories in 2003-2009
Secunia has issued a total of 26 Secunia advisories in 2003-2009 for Invision Power Board 2.x. Currently, 0% (0 out of 26) are marked as unpatched.

More information about the specific Secunia advisories affecting Invision Power Board 2.x can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.



Invision Power Board Multiple Vulnerabilities
Partial Fix. Secunia Advisory 1 of 3 in 2008. 3,798 views.
Release Date:
2008-09-03		 Secunia Advisory ID:
SA31683		 Solution Status:
Partial Fix
Criticality:
 Impact:
Hijacking
Manipulation of data
Exposure of sensitive information
System access
 Where:
From remote
Short Description:
DarkFig has reported some vulnerabilities in Invision Power Board (IP.Board), which can be exploited by malicious users to disclose sensitive information and compromise a vulnerable system, and by malicious people to conduct SQL injection attacks. [Read More]

Invision Power Board Nested BBCodes Script Insertion
Vendor Patch. Secunia Advisory 2 of 3 in 2008. 9,261 views.
Release Date:
2008-03-14		 Secunia Advisory ID:
SA29378		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
A vulnerability has been reported in Invision Power Board, which can be exploited by malicious people to conduct script insertion attacks. [Read More]

Invision Power Board BBCodes Script Insertion Vulnerability
Vendor Patch. Secunia Advisory 3 of 3 in 2008. 5,617 views.
Release Date:
2008-02-21		 Secunia Advisory ID:
SA29055		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
A vulnerability has been reported in Invision Power Board, which can be exploited by malicious users to conduct script insertion attacks. [Read More]

Invision Power Board Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 1 of 4 in 2007. 10,046 views.
Release Date:
2007-09-13		 Secunia Advisory ID:
SA26788		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Security Bypass
Cross Site Scripting
 Where:
From remote
Short Description:
Some vulnerabilities have been reported in Invision Power Board, which can be exploited by malicious users to conduct script insertion attacks or bypass certain access restrictions. [Read More]

Invision Power Board Profile Updating Security Issue
Vendor Patch. Secunia Advisory 2 of 4 in 2007. 7,760 views.
Release Date:
2007-06-12		 Secunia Advisory ID:
SA25637		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Manipulation of data
 Where:
From remote
Short Description:
A security issue has been reported in Invision Power Board, which can be exploited by malicious users to manipulate certain data. [Read More]

Invision Power Board "editorid" Cross-Site Scripting
Vendor Workaround. Secunia Advisory 3 of 4 in 2007. 7,600 views.
Release Date:
2007-05-30		 Secunia Advisory ID:
SA25437		 Solution Status:
Vendor Workaround
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
Iron has reported a vulnerability in Invision Power Board, which can be exploited by malicious people to conduct cross-site scripting attacks. [Read More]

Invision Power Board class_upload.php Cross-Site Scripting
Vendor Patch. Secunia Advisory 4 of 4 in 2007. 8,627 views.
Release Date:
2007-04-27		 Secunia Advisory ID:
SA25021		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
A vulnerability has been reported in Invision Power Board, which can be exploited by malicious people to conduct cross-site scripting attacks. [Read More]

Invision Power Board "Avatar" Cross-Site Request Forgery
Vendor Patch. Secunia Advisory 1 of 11 in 2006. 9,887 views.
Release Date:
2006-10-06		 Secunia Advisory ID:
SA22272		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Hijacking
Manipulation of data
 Where:
From remote
Short Description:
Rapigator has reported a vulnerability in Invision Power Board, which can be exploited by malicious users to conduct cross-site request forgery attacks. [Read More]

Invision Power Board Threaded View Mode Security Bypass
Vendor Patch. Secunia Advisory 2 of 11 in 2006. 15,152 views.
Release Date:
2006-08-11		 Secunia Advisory ID:
SA21442		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Security Bypass
 Where:
From remote
Short Description:
A vulnerability has been reported in Invision Power Board, which can be exploited by malicious people to bypass certain security restrictions. [Read More]

Invision Power Board "CLIENT_IP" SQL Injection Vulnerability
Vendor Patch. Secunia Advisory 3 of 11 in 2006. 10,800 views.
Release Date:
2006-07-18		 Secunia Advisory ID:
SA21072		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Manipulation of data
 Where:
From remote
Short Description:
1dt.w0lf has reported a vulnerability in Invision Power Board, which can be exploited by malicious people to conduct SQL injection attacks. [Read More]

Invision Power Board Cross-Site Scripting and Security Bypass
Vendor Patch. Secunia Advisory 4 of 11 in 2006. 8,961 views.
Release Date:
2006-07-03		 Secunia Advisory ID:
SA20930		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Security Bypass
Cross Site Scripting
 Where:
From remote
Short Description:
Two vulnerabilities have been reported in Invision Power Board, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks. [Read More]

Invision Power Board Hexadecimal HTML Entities Script Insertion
Vendor Patch. Secunia Advisory 5 of 11 in 2006. 11,017 views.
Release Date:
2006-06-21		 Secunia Advisory ID:
SA20772		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
A vulnerability has been reported in Invision Power Board, which can be exploited by malicious people to conduct script insertion attacks. [Read More]

Invision Power Board Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 6 of 11 in 2006. 11,718 views.
Release Date:
2006-05-18		 Secunia Advisory ID:
SA20158		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From remote
Short Description:
Some vulnerabilities have been reported in Invision Power Board, which potentially can be exploited by malicious users and malicious people to compromise a vulnerable system. [Read More]

Invision Power Board Topic Deletion SQL Injection
Vendor Patch. Secunia Advisory 7 of 11 in 2006. 10,172 views.
Release Date:
2006-05-02		 Secunia Advisory ID:
SA19901		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Manipulation of data
 Where:
From remote
Short Description:
Devil-00 has reported a vulnerability in Invision Power Board, which can be exploited by malicious users to conduct SQL injection attacks. [Read More]

Invision Power Board "from_contact" SQL Injection Vulnerability
Vendor Patch. Secunia Advisory 8 of 11 in 2006. 10,104 views.
Release Date:
2006-04-28		 Secunia Advisory ID:
SA19861		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Manipulation of data
 Where:
From remote
Short Description:
satanchild123 has reported a vulnerability in Invision Power Board, which can be exploited by malicious users to conduct SQL injection attacks. [Read More]

Invision Power Board Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 9 of 11 in 2006. 11,487 views.
Release Date:
2006-04-26		 Secunia Advisory ID:
SA19830		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Security Bypass
Cross Site Scripting
Manipulation of data
System access
 Where:
From remote
Short Description:
Some vulnerabilities have been reported in Invision Power Board, which can be exploited by malicious people to conduct script insertion and SQL injection attacks, and compromise a vulnerable system. [Read More]

Invision Power Board PM Unspecified Cross-Site Scripting
Vendor Patch. Secunia Advisory 10 of 11 in 2006. 7,614 views.
Release Date:
2006-03-22		 Secunia Advisory ID:
SA19299		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
A vulnerability has been reported in Invision Power Board, which potentially can be exploited by malicious people to conduct cross-site scripting attacks. [Read More]

Invision Power Board Cross-Site Scripting and SQL Injection Vulnerabilities
Vendor Patch. Secunia Advisory 11 of 11 in 2006. 8,605 views.
Release Date:
2006-03-07		 Secunia Advisory ID:
SA19141		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
Manipulation of data
 Where:
From remote
Short Description:
Two vulnerabilities have been reported in Invision Power Board, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. [Read More]

Invision Power Board "adsess" Cross-Site Scripting Vulnerability
Vendor Patch. Secunia Advisory 1 of 5 in 2005. 9,153 views.
Release Date:
2005-11-07		 Secunia Advisory ID:
SA17443		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
benjilenoob has reported a vulnerability in Invision Power Board, which can be exploited by malicious people to conduct cross-site scripting attacks. [Read More]

Invision Power Board HTML / TXT Attachment Script Insertion
Vendor Patch. Secunia Advisory 2 of 5 in 2005. 10,409 views.
Release Date:
2005-08-09		 Secunia Advisory ID:
SA16348		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
V[i]RuS has discovered a vulnerability in Invision Power Board, which can be exploited by malicious people to conduct script insertion attacks. [Read More]

Invision Power Board Privilege Escalation Vulnerability
Vendor Patch. Secunia Advisory 3 of 5 in 2005. 11,524 views.
Release Date:
2005-05-30		 Secunia Advisory ID:
SA15545		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
 Where:
From remote
Short Description:
Rapigator has reported a vulnerability in Invision Power Board, which can be exploited by malicious users to gain escalated privileges. [Read More]

Invision Power Board Cross-Site Scripting and SQL Injection
Vendor Patch. Secunia Advisory 4 of 5 in 2005. 11,426 views.
Release Date:
2005-05-06		 Secunia Advisory ID:
SA15265		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
Manipulation of data
 Where:
From remote
Short Description:
James Bercegay has reported two vulnerabilities in Invision Power Board, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. [Read More]

Invision Power Board SML Codes Script Insertion Vulnerability
Vendor Patch. Secunia Advisory 5 of 5 in 2005. 11,359 views.
Release Date:
2005-02-21		 Secunia Advisory ID:
SA14329		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
Daniel A. has reported a vulnerability in Invision Power Board, which potentially can be exploited by malicious users to conduct script insertion attacks. [Read More]

Invision Power Board "qpid" SQL Injection Vulnerability
Vendor Patch. Secunia Advisory 1 of 3 in 2004. 10,060 views.
Release Date:
2004-11-19		 Secunia Advisory ID:
SA13245		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Manipulation of data
 Where:
From remote
Short Description:
Positive Technologies has reported a vulnerability in Invision Power Board, which can be exploited by malicious people to conduct SQL injection attacks. [Read More]

Invision Power Board Referer Header Cross-Site Scripting
Vendor Patch. Secunia Advisory 2 of 3 in 2004. 13,501 views.
Release Date:
2004-10-06		 Secunia Advisory ID:
SA12740		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
Alexander Antipov has reported a vulnerability in Invision Power Board, which can be exploited by malicious people to conduct cross-site scripting attacks. [Read More]

Invision Power Board "index.php" Cross Site Scripting Vulnerability
Vendor Patch. Secunia Advisory 3 of 3 in 2004. 8,671 views.
Release Date:
2004-07-21		 Secunia Advisory ID:
SA12105		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
Electrobug has reported a vulnerability in Invision Power Board, allowing malicious people to conduct Cross Site Scripting attacks. [Read More]






Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs (open positions) | About Secunia
Copyright Secunia 2002-2009