Vulnerabilities > Invision Power Services > Invision Power Board > High

DATE	CVE	VULNERABILITY TITLE	RISK
2006-03-09	CVE-2006-1076	SQL Injection vulnerability in Invision Power Services Invision Power Board 2.1.5 SQL injection vulnerability in index.php, possibly during a showtopic operation, in Invision Power Board (IPB) 2.1.5 allows remote attackers to execute arbitrary SQL commands via the st parameter. network low complexity invision-power-services	7.5
2005-05-16	CVE-2005-1598	SQL Injection vulnerability in Invision Power Board Login.PHP SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted cookie password hash (pass_hash) that modifies the internal $pid variable. network low complexity invision-power-services	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.