Vendor Dictionary: Invision Power Services, Inc.

Invision Power Services, Inc.

Short Name:	Invision Power Services
Previous Names:	[None Entered]
URL:	http://www.invisionpower.com/ [visit link]
Email:	infoinvisionpower.com
Security URL:	[None Entered]
Security Email:	[None Entered]
Knowledge Base:	[None Entered]
Notes:	Problems contacting Invision: http://www.governmentsecurity.org/All/Why_is_Vulnerability_disclosure_so_difficult

Vulnerabilities by Vendor Product

Invision Power Services, Inc.

« Previous 1 2 Next »

Invision Power Services, Inc.

Invision Power Board Dragoran Portal Module: 1.3; OSVDB ID: 22851 Invision Power Board Dragoran Portal Module index.php site Parameter SQL Injection

Invision Gallery: Unknown or Unspecified; OSVDB ID: 16489 Invision Gallery Module index.php show Parameter SQL Injection; OSVDB ID: 16490 Invision Gallery Module index.php cmd Parameter XSS; 2.0.3; OSVDB ID: 20419 Invision Gallery index.php st Parameter SQL Injection; 1.3.1; OSVDB ID: 20419 Invision Gallery index.php st Parameter SQL Injection; 2.0.6; OSVDB ID: 25231 Invision Gallery post.php album Parameter SQL Injection

IP.Gallery Addon for IP.Board: 4.2.1; 4.2.x; 5.0.x

Invision Board: 2.1.6; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 2.1.5; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 2.1.4; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 2.1 Alpha 2; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 2.0.4; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 2.0.3; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 2.0.2; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 2.0.1; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 2.0 PF2; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 2.0 PF1; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 2.0 PDR3; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 2.0 alpha 3; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 2.0; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 1.3.1 Final; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 1.3 Final; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 1.3; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 1.2; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 1.1.2; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 1.1.1; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 1.0.3; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 1.0.1; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection; 1.0; OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection

Community Blog Module: 1.2.2; OSVDB ID: 25252 Invision Community Blog Module Unspecified Issue

Invision Power Board: 1.3; OSVDB ID: 4103 Invision Power Board search.php st Parameter SQL Injection; OSVDB ID: 3319 Invision Power Board calendar.php m Parameter SQL Injection; 1.3 Final; OSVDB ID: 4154 Invision Power Board index.php Multiple Parameter XSS; 1.3 Final; OSVDB ID: 6728 Invision Power Board Crafted Personal Photo Path Disclosure; 1.x; OSVDB ID: 12003 ibProArcade Module for Invision Power Board index.php cat Parameter SQL Injection; 2.x; OSVDB ID: 12003 ibProArcade Module for Invision Power Board index.php cat Parameter SQL Injection; 2.0.1; OSVDB ID: 23337 Invision Power Board Task Manager Arbitrary File Execution; OSVDB ID: 35429 Invision Power Board "Task PHP File To Run" Field Traversal Local File Inclusion; OSVDB ID: 11929 Invision Power Board sources/post.php qpid Parameter SQL Injection; 2.0.0; OSVDB ID: 11929 Invision Power Board sources/post.php qpid Parameter SQL Injection; 1.2; OSVDB ID: 4103 Invision Power Board search.php st Parameter SQL Injection; 1.1.x; OSVDB ID: 4103 Invision Power Board search.php st Parameter SQL Injection; 1.0.x; OSVDB ID: 4103 Invision Power Board search.php st Parameter SQL Injection; 1.0; OSVDB ID: 4103 Invision Power Board search.php st Parameter SQL Injection; 2.0 PDR3; OSVDB ID: 4103 Invision Power Board search.php st Parameter SQL Injection; 2.0 alpha 3; OSVDB ID: 4103 Invision Power Board search.php st Parameter SQL Injection; 1.x.x; OSVDB ID: 13151 Invision Power Board BBTag XSS; 2.0.2; OSVDB ID: 13151 Invision Power Board BBTag XSS; OSVDB ID: 11929 Invision Power Board sources/post.php qpid Parameter SQL Injection; 2.0.3; OSVDB ID: 13151 Invision Power Board BBTag XSS; OSVDB ID: 16297 Invision Power Board login.php SQL Injection; 1.3.x; OSVDB ID: 16298 Invision Power Board topics.php highlite Parameter XSS; OSVDB ID: 16297 Invision Power Board login.php SQL Injection; 2.0.x; OSVDB ID: 16298 Invision Power Board topics.php highlite Parameter XSS; OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion; OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution; 2.1; OSVDB ID: 20516 Invision Power Board admin.php Multiple Parameter XSS; OSVDB ID: 20517 Invision Power Board Admin Interface APC Notes XSS; OSVDB ID: 20518 Invision Power Board Admin Interface Member Profile Multiple Field XSS; OSVDB ID: 20519 Invision Power Board admin.php Component Fields XSS; OSVDB ID: 20520 Invision Power Board Admin Interface New Member Creation XSS; OSVDB ID: 20521 Invision Power Board Admin Interface Group Icon Image Field XSS; OSVDB ID: 20522 Invision Power Board Admin Interface Calendar Title XSS; OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion; OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution; 2.0.4; OSVDB ID: 25009 Invision Power Board Search Action Multiple Parameter XSS; OSVDB ID: 25010 Invision Power Board index.php st Parameter XSS; OSVDB ID: 25011 Invision Power Board Calendar Action Multiple Parameter XSS; OSVDB ID: 25012 Invision Power Board Print Action t Parameter XSS; OSVDB ID: 25013 Invision Power Board Mail Action MID Parameter XSS; OSVDB ID: 25014 Invision Power Board Help Action HID Parameter XSS; OSVDB ID: 25015 Invision Power Board Members Action Multiple Parameter XSS; OSVDB ID: 25668 Invision Power Board class_post.php Arbitrary Code Execution; OSVDB ID: 25667 Invision Power Board moderate.php Arbitrary Code Execution; 2.1.5; OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion; 2.1.5 (2006.03.08); OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion; OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution; 2.1.5 (2006.04.25); OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion; OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution; 2.1 Alpha2; OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion; OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution; 2.1.2; OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion; OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution; 2.1.3; OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion; OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution; 2.1.4; OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion; OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution; OSVDB ID: 25021 Invision Power Board Cookie from_contact Field SQL Injection; 2.1.6; OSVDB ID: 25668 Invision Power Board class_post.php Arbitrary Code Execution; OSVDB ID: 25667 Invision Power Board moderate.php Arbitrary Code Execution; 2.2.0; OSVDB ID: 35436 IP.Board sources/action_public/xmlout.php Arbitrary Profile Manipulation; 2.2.2; OSVDB ID: 35436 IP.Board sources/action_public/xmlout.php Arbitrary Profile Manipulation; 1.1.1; OSVDB ID: 3357 Invision Power Board ipchat.php root_path Parameter Remote File Inclusion; 3.3.0; OSVDB ID: 81148 Invision Power Board (IP.Board) like.php _unsubscribe Function key Parameter Local File Inclusion; 3.2.0; OSVDB ID: 81344 IP.Board Multiple Unspecified Issues; 3.2.1; OSVDB ID: 81344 IP.Board Multiple Unspecified Issues; 3.2.2; OSVDB ID: 81344 IP.Board Multiple Unspecified Issues; 3.2.3; OSVDB ID: 81344 IP.Board Multiple Unspecified Issues; OSVDB ID: 81770 IP.Board index.php showforum Parameter XSS; 3.3.0; OSVDB ID: 81344 IP.Board Multiple Unspecified Issues; 3.2.3; 3.2.0; OSVDB ID: 85510 Invision Power Board (IP.Board) composite.php Unspecified XSS; 3.2.1; OSVDB ID: 85510 Invision Power Board (IP.Board) composite.php Unspecified XSS; 3.2.2; OSVDB ID: 85510 Invision Power Board (IP.Board) composite.php Unspecified XSS; 3.2.3; OSVDB ID: 85510 Invision Power Board (IP.Board) composite.php Unspecified XSS

Invision Power Gallery Module for Invision Power Board: 4.2.0; OSVDB ID: 81344 IP.Board Multiple Unspecified Issues; 4.2.1; OSVDB ID: 81344 IP.Board Multiple Unspecified Issues

Invision Power Board Community Blog: 1.1.2; OSVDB ID: 17211 Invision Community Blog Module multiple Parameter SQL Injection

IP.Gallery: 2.0.5; OSVDB ID: 89337 IP.Gallery index.php img Parameter SQL Injection

IP.Board: 3.1.3; OSVDB ID: 69336 IP.Board Personal Conversation System Remote Information Disclosure; OSVDB ID: 70842 IP.Board Forum Password System Topic Title Disclosure; OSVDB ID: 86702 IP.Board admin/sources/base/core.php IPSCookie::get() Method Arbitrary PHP Code Execution; 3.2.0; OSVDB ID: 80035 IP.Board Post Editing XSS; OSVDB ID: 80036 IP.Board /admin/extensions/coreVariables.php Unspecified XSS; OSVDB ID: 86702 IP.Board admin/sources/base/core.php IPSCookie::get() Method Arbitrary PHP Code Execution; 3.2.1; OSVDB ID: 80035 IP.Board Post Editing XSS; OSVDB ID: 80036 IP.Board /admin/extensions/coreVariables.php Unspecified XSS; 3.2.2; OSVDB ID: 80035 IP.Board Post Editing XSS; OSVDB ID: 80036 IP.Board /admin/extensions/coreVariables.php Unspecified XSS; 3.2.3; OSVDB ID: 80035 IP.Board Post Editing XSS; OSVDB ID: 80036 IP.Board /admin/extensions/coreVariables.php Unspecified XSS; 2.2.0; OSVDB ID: 82807 IP.Board Image/Code Pre-generation CAPTCHA Bypass; 3.1.0; OSVDB ID: 86702 IP.Board admin/sources/base/core.php IPSCookie::get() Method Arbitrary PHP Code Execution; 3.1.1; OSVDB ID: 86702 IP.Board admin/sources/base/core.php IPSCookie::get() Method Arbitrary PHP Code Execution; 3.1.2; OSVDB ID: 86702 IP.Board admin/sources/base/core.php IPSCookie::get() Method Arbitrary PHP Code Execution; 3.1.3; 3.1.4; OSVDB ID: 86702 IP.Board admin/sources/base/core.php IPSCookie::get() Method Arbitrary PHP Code Execution; 3.2.0; 3.2.1; OSVDB ID: 86702 IP.Board admin/sources/base/core.php IPSCookie::get() Method Arbitrary PHP Code Execution; 3.2.2; OSVDB ID: 86702 IP.Board admin/sources/base/core.php IPSCookie::get() Method Arbitrary PHP Code Execution; 3.2.3; OSVDB ID: 86702 IP.Board admin/sources/base/core.php IPSCookie::get() Method Arbitrary PHP Code Execution; 3.3.0; OSVDB ID: 86702 IP.Board admin/sources/base/core.php IPSCookie::get() Method Arbitrary PHP Code Execution; 3.3.1; OSVDB ID: 86702 IP.Board admin/sources/base/core.php IPSCookie::get() Method Arbitrary PHP Code Execution; 3.3.2; OSVDB ID: 86702 IP.Board admin/sources/base/core.php IPSCookie::get() Method Arbitrary PHP Code Execution; 3.3.3; OSVDB ID: 86702 IP.Board admin/sources/base/core.php IPSCookie::get() Method Arbitrary PHP Code Execution; 3.3.4; OSVDB ID: 86702 IP.Board admin/sources/base/core.php IPSCookie::get() Method Arbitrary PHP Code Execution; 3.4; OSVDB ID: 88844 IP.Board Unspecified Issue; 3.3; OSVDB ID: 88844 IP.Board Unspecified Issue; 3.2; OSVDB ID: 88844 IP.Board Unspecified Issue; 3.1; OSVDB ID: 88844 IP.Board Unspecified Issue; 3.4; OSVDB ID: 93030 IP.Board Unspecified Admin Account Access Issue; 3.3; OSVDB ID: 93030 IP.Board Unspecified Admin Account Access Issue; 3.2; OSVDB ID: 93030 IP.Board Unspecified Admin Account Access Issue

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.