Vulnerabilities > CVE-2006-1076 - SQL Injection vulnerability in Invision Power Services Invision Power Board 2.1.5

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
invision-power-services
exploit available

Summary

SQL injection vulnerability in index.php, possibly during a showtopic operation, in Invision Power Board (IPB) 2.1.5 allows remote attackers to execute arbitrary SQL commands via the st parameter.

Vulnerable Configurations

Part Description Count
Application
Invision_Power_Services
1

Exploit-Db

descriptionInvision Power Board 2.1.5 Showtopic SQL Injection Vulnerability. CVE-2006-1076 . Webapps exploit for php platform
idEDB-ID:27361
last seen2016-02-03
modified2006-03-06
published2006-03-06
reporterMr.SNAKE
sourcehttps://www.exploit-db.com/download/27361/
titleInvision Power Board 2.1.5 Showtopic SQL Injection Vulnerability