Vulnerabilities > Invision Power Services > Invision Power Board > 2.1.x

DATE	CVE	VULNERABILITY TITLE	RISK
2009-03-31	CVE-2008-6565	Cross-Site Scripting vulnerability in Invision Power Services Invision Power Board Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an IFRAME tag in the signature. network invision-power-services CWE-79	4.3
2006-04-26	CVE-2006-2060	Directory Traversal vulnerability in Invision Power Services Invision Power Board 2.0.X/2.1.X Directory traversal vulnerability in action_admin/paysubscriptions.php in Invision Power Board (IPB) 2.1.x and 2.0.x before 20060425 allows remote authenticated administrators to include and execute arbitrary local PHP files via a .. network low complexity invision-power-services	6.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.