exploits , vulnerabilities , articles , SQL injection in Invision Power Board v2.1.5

2006-03-07

SQL injection in Invision Power Board v2.1.5

Rated as : High risk
SQL injection in Invision Power Board v2.1.5



Software: Invision Power Board

Web Site : http://forums.invisionpower.com

Versions: v2.1.5

Type: SQL Injection

Class: Remote

example :

http://www.victim.com/forum/index.php?showtopic=[anytopic]&pid=1&st=-1[sql]

Discovered by : Mr.SNAKE
securitydot.net - 2006-03-07

Exploits - newest 10 RSS | More

2007-06-15 37753 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 19586 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 23301 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 19634 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 12056 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 10251 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 12449 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 10327 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 22269 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 10820 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit