CVE-2005-2542

Invision Power Board IPB 1.0.3 - XSS

Title source: llm

Description

Invision Power Board (IPB) 1.0.3 allows remote attackers to inject arbitrary web script or HTML via an attachment, which is automatically downloaded and processed as HTML.

Exploits (1)

exploitdb WORKING POC VERIFIED

by V[i]RuS · htmlwebappsphp

https://www.exploit-db.com/exploits/26104

View Code ZIP pw:eip

References (3)

[Mailing List] http://marc.info/?l=bugtraq&m=112327712614854&w=2

[Third Party Advisory] http://secunia.com/advisories/16348

[Exploit] http://www.securityfocus.com/bid/14492

Scores

EPSS 0.0333

EPSS Percentile 87.3%

Details

Status published

Products (10)

invision_power_services/invision_board 2.0

invision_power_services/invision_board 2.0.1

invision_power_services/invision_board 2.0.2

invision_power_services/invision_board 2.0.3

invision_power_services/invision_board 2.0.4

invision_power_services/invision_board 2.0_alpha_3

invision_power_services/invision_board 2.0_pdr3

invision_power_services/invision_board 2.0_pf1

invision_power_services/invision_board 2.0_pf2

invision_power_services/invision_board 2.1_alpha2

Published Aug 10, 2005

Tracked Since Feb 18, 2026