Vulnerability Details CVE-2006-5203
Invision Power Board (IPB) 2.1.7 and earlier allows remote restricted administrators to inject arbitrary web script or HTML, or execute arbitrary SQL commands, via a forum description that contains a crafted image with PHP code, which is executed when the user visits the "Manage Forums" link in the Admin control panel.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.8%
CVSS Severity
CVSS v2 Score 5.1
References
Products affected by CVE-2006-5203
-
cpe:2.3:a:invision_power_services:invision_power_board:*
-
cpe:2.3:a:invision_power_services:invision_power_board:1.0
-
cpe:2.3:a:invision_power_services:invision_power_board:1.0.1
-
cpe:2.3:a:invision_power_services:invision_power_board:1.0.3
-
cpe:2.3:a:invision_power_services:invision_power_board:1.1.1
-
cpe:2.3:a:invision_power_services:invision_power_board:1.1.2
-
cpe:2.3:a:invision_power_services:invision_power_board:1.2
-
cpe:2.3:a:invision_power_services:invision_power_board:1.3
-
cpe:2.3:a:invision_power_services:invision_power_board:1.3.1_final
-
cpe:2.3:a:invision_power_services:invision_power_board:1.3_final
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0.0
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0.1
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0.2
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0.3
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0.4
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0.x
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0_alpha3
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0_pdr3
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0_pf1
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0_pf2
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.0
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.1
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.2
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.3
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.4
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.5
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.5_2006-03-08
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.6
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1_alpha2
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta2
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta3
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta4
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta5
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1_rc1