Vulnerabilities > CVE-2006-1267 - Remote Security vulnerability in Invision Power Services Invision Power Board 2.1.4
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Invision Power Board 2.1.4 allows remote attackers to hijack sessions and possibly gain administrative privileges by obtaining the session ID from the s parameter, then replaying it in another request.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |