exploits , vulnerabilities , articles , SQL injection in Invision Power Board v2.1.5

2006-03-07

SQL injection in Invision Power Board v2.1.5

Rated as : High risk
SQL injection in Invision Power Board v2.1.5



Software: Invision Power Board

Web Site : http://forums.invisionpower.com

Versions: v2.1.5

Type: SQL Injection

Class: Remote

example :

http://www.victim.com/forum/index.php?showtopic=[anytopic]&pid=1&st=-1[sql]

Discovered by : Mr.SNAKE
securitydot.net - 2006-03-07

Exploits - newest 10 RSS | More

2007-06-15 56137 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 33433 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 41575 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 28786 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19317 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16336 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 18971 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16215 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33040 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 16851 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit