CVE-2004-1531
Invision Power Board 2.0.0-2.0.2 - SQL Injection via qpid Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2004-1531. PoCs published by RusH.
AI-analyzed exploit summary This Perl script exploits a SQL injection vulnerability in Invision Power Board versions 2.0.0 to 2.0.2. It allows an attacker to extract user credentials, including member IDs, usernames, and password hashes, by manipulating the 'qpid' parameter in a crafted HTTP request.
Description
SQL injection vulnerability in post.php in Invision Power Board (IPB) 2.0.0 through 2.0.2 allows remote attackers to execute arbitrary SQL commands via the qpid parameter.
Exploits (1)
This Perl script exploits a SQL injection vulnerability in Invision Power Board versions 2.0.0 to 2.0.2. It allows an attacker to extract user credentials, including member IDs, usernames, and password hashes, by manipulating the 'qpid' parameter in a crafted HTTP request.