Vulnerabilities > Invision Power Services > Invision Board > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-11-23 | CVE-2004-0355 | Path Disclosure vulnerability in Invision Power Services Invision Board 1.3 Invision Power Board 1.3 Final allows remote attackers to gain sensitive information by selecting a file for "Personal Photo" that is not an image file, which displays the installation path in an error message. | 5.0 |
| 2003-12-31 | CVE-2003-1454 | Unspecified vulnerability in Invision Power Services Invision Board 1.0/1.0.1/1.1.1 Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access. | 5.0 |
| 2002-10-11 | CVE-2002-1149 | Information Disclosure vulnerability in Invision Board 1.0/1.0.1 The installation procedure for Invision Board suggests that users install the phpinfo.php program under the web root, which leaks sensitive information such as absolute pathnames, OS information, and PHP settings. | 5.0 |