CVE-2005-1598
Invision Power Services Invision Board - SQL Injection
Title source: ruleDescription
SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted cookie password hash (pass_hash) that modifies the internal $pid variable.
Exploits (3)
exploitdb
WRITEUP
VERIFIED
by Danica Jones · textwebappsphp
https://www.exploit-db.com/exploits/1014
exploitdb
WORKING POC
VERIFIED
by Petey Beege · perlwebappsphp
https://www.exploit-db.com/exploits/1013
References (12)
Scores
EPSS
0.0778
EPSS Percentile
92.0%
Details
Status
published
Products (9)
invision_power_services/invision_board
1.0
invision_power_services/invision_board
1.0.1
invision_power_services/invision_board
1.1.1
invision_power_services/invision_board
1.1.2
invision_power_services/invision_board
1.2
invision_power_services/invision_board
1.3
invision_power_services/invision_board
2.0_alpha_3
invision_power_services/invision_board
2.0_pdr3
invision_power_services/invision_power_board
2.0.3
Published
May 16, 2005
Tracked Since
Feb 18, 2026