Vulnerabilities > CVE-2005-0886 - HTML Injection vulnerability in Invision Power Board

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

invision-power-services

nessus

exploit available

NVD

Published: 2005-05-02

Updated: 2008-09-05

Summary

Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP POST request.

Vulnerable Configurations

Part	Description	Count
Application	Invision_Power_Services Invision Power Services Invision Board 1.0 Invision Power Services Invision Board 1.0.1 Invision Power Services Invision Board 1.1.1 Invision Power Services Invision Board 1.1.2 Invision Power Services Invision Board 1.2 Invision Power Services Invision Board 1.3 Invision Power Services Invision Board 1.3.1_Final Invision Power Services Invision Board 1.3_Final Invision Power Services Invision Board 2.0 Invision Power Services Invision Board 2.0.1 Invision Power Services Invision Board 2.0.2 Invision Power Services Invision Board 2.0_Alpha_3 Invision Power Services Invision Board 2.0_Pdr3 Invision Power Services Invision Board 2.0_Pf1 Invision Power Services Invision Board 2.0_Pf2	15

Exploit-Db

description	Invision Power Board 1.x/2.0 HTML Injection Vulnerability. CVE-2005-0886. Webapps exploit for php platform
id	EDB-ID:25267
last seen	2016-02-03
modified	2005-03-23
published	2005-03-23
reporter	Woody Hughes
source	https://www.exploit-db.com/download/25267/
title	Invision Power Board 1.x/2.0 HTML Injection Vulnerability

Nessus

NASL family	CGI abuses : XSS
NASL id	INVISION_POWER_BOARD_IFRAME_XSS.NASL
description	The version of Invision Power Board installed on the remote host does not properly sanitize HTML tags, which enables a remote attacker to inject a malicious IFRAME when posting a message to one of the hosted forums. This could cause arbitrary HTML and script code to be executed in the context of users browsing the forum, which could allow an attacker to steal cookies or misrepresent site content.
last seen	2020-06-01
modified	2020-06-02
plugin id	17609
published	2005-03-24
reporter	This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/17609
title	Invision Power Board HTTP POST Request IFRAME Tag XSS
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(17609); script_version("1.19"); script_cve_id("CVE-2005-0886"); script_bugtraq_id(12888); script_name(english:"Invision Power Board HTTP POST Request IFRAME Tag XSS"); script_set_attribute(attribute:"synopsis", value: "The remote web server contains a PHP script that is vulnerable to a cross-site scripting attack." ); script_set_attribute(attribute:"description", value: "The version of Invision Power Board installed on the remote host does not properly sanitize HTML tags, which enables a remote attacker to inject a malicious IFRAME when posting a message to one of the hosted forums. This could cause arbitrary HTML and script code to be executed in the context of users browsing the forum, which could allow an attacker to steal cookies or misrepresent site content." ); script_set_attribute(attribute:"solution", value: "Upgrade to Invision Power Board 2.0.3 or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990); script_set_attribute(attribute:"plugin_publication_date", value: "2005/03/24"); script_set_attribute(attribute:"vuln_publication_date", value: "2005/03/24"); script_cvs_date("Date: 2018/07/12 19:01:15"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe",value:"cpe:/a:invisionpower:invision_power_board"); script_end_attributes(); script_summary(english:"Checks for IFRAME HTML Injection Vulnerability in Invision Power Board"); script_category(ACT_GATHER_INFO); script_family(english:"CGI abuses : XSS"); script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc."); script_dependencies("invision_power_board_detect.nasl"); script_exclude_keys("Settings/disable_cgi_scanning"); script_require_ports("Services/www", 80); exit(0); } include("global_settings.inc"); include("misc_func.inc"); include("http.inc"); port = get_http_port(default:80); if (!get_port_state(port)) exit(0); # Test an install. install = get_kb_item(string("www/", port, "/invision_power_board")); if (isnull(install)) exit(0); matches = eregmatch(string:install, pattern:"^(.+) under (/.)$"); if (!isnull(matches)) { ver = matches[1]; if (ver =~ "^(1\.\|2\.0\.[0-2][^0-9])") { security_note(port); set_kb_item(name: 'www/'+port+'/XSS', value: TRUE); } }

References

http://www.securityfocus.com/bid/12888