Description
SQL injection vulnerability in index.php in Invision Power Board 1.3.1 Final and earlier allows remote attackers to execute arbitrary SQL commands via the st parameter.
Exploits (1)
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/20059
Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/13097
Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/395515
Vendor Advisory vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/alerts/2005/Apr/1013676.html
Scores
EPSS
0.0040
EPSS Percentile
60.4%
Details
Status
published
Products (8)
invision_power_services/invision_board
1.0
invision_power_services/invision_board
1.0.1
invision_power_services/invision_board
1.1.1
invision_power_services/invision_board
1.1.2
invision_power_services/invision_board
1.2
invision_power_services/invision_board
1.3
invision_power_services/invision_board
1.3.1_final
invision_power_services/invision_board
1.3_final
Published
Apr 11, 2005
Tracked Since
Feb 18, 2026