Vulnerabilities > Invision Power Services > Invision Power Board > 2.1.x
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-03-31 | CVE-2008-6565 | Cross-Site Scripting vulnerability in Invision Power Services Invision Power Board Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an IFRAME tag in the signature. | 4.3 |
2006-04-26 | CVE-2006-2060 | Directory Traversal vulnerability in Invision Power Services Invision Power Board 2.0.X/2.1.X Directory traversal vulnerability in action_admin/paysubscriptions.php in Invision Power Board (IPB) 2.1.x and 2.0.x before 20060425 allows remote authenticated administrators to include and execute arbitrary local PHP files via a .. | 6.4 |