Vulnerability Details CVE-2006-7064
Cross-site scripting (XSS) vulnerability in forum/admin.php for Invision Power Board (IPB) 2.1.6 and earlier allows remote attackers to inject arbitrary web script or HTML as the administrator via the phpinfo parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.3%
CVSS Severity
CVSS v2 Score 9.3
References
- http://archives.neohapsis.com/archives/bugtraq/2006-06/0204.html
- http://securityreason.com/securityalert/2307
- http://www.securityfocus.com/bid/18450
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27069
- http://archives.neohapsis.com/archives/bugtraq/2006-06/0204.html
- http://securityreason.com/securityalert/2307
- http://www.securityfocus.com/bid/18450
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27069
Products affected by CVE-2006-7064
-
cpe:2.3:a:invision_power_services:invision_power_board:1.0
-
cpe:2.3:a:invision_power_services:invision_power_board:1.0.1
-
cpe:2.3:a:invision_power_services:invision_power_board:1.0.3
-
cpe:2.3:a:invision_power_services:invision_power_board:1.1.1
-
cpe:2.3:a:invision_power_services:invision_power_board:1.1.2
-
cpe:2.3:a:invision_power_services:invision_power_board:1.2
-
cpe:2.3:a:invision_power_services:invision_power_board:1.3
-
cpe:2.3:a:invision_power_services:invision_power_board:1.3.1_final
-
cpe:2.3:a:invision_power_services:invision_power_board:1.3_final
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0.0
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0.1
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0.2
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0.3
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0.4
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0.x
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0_alpha3
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0_pdr3
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0_pf1
-
cpe:2.3:a:invision_power_services:invision_power_board:2.0_pf2
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.0
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.1
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.2
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.3
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.4
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.5
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.5_2006-03-08
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.5_2006-04-25
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1.6
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1_alpha2
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta2
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta3
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta4
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta5
-
cpe:2.3:a:invision_power_services:invision_power_board:2.1_rc1