Vulnerability Details CVE-2007-3219
Unspecified vulnerability in sources/action_public/xmlout.php in Invision Power Board (IPB or IP.Board) 2.2.0 through 2.2.2 allows remote attackers to modify another user's profile data, such as an AIM screen name or Yahoo! identity.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.2%
CVSS Severity
CVSS v2 Score 7.8
References
- http://forums.invisionpower.com/index.php?showtopic=235316
- http://secunia.com/advisories/25637
- http://www.osvdb.org/35436
- http://www.securityfocus.com/bid/24442
- http://www.vupen.com/english/advisories/2007/2160
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34841
- http://forums.invisionpower.com/index.php?showtopic=235316
- http://secunia.com/advisories/25637
- http://www.osvdb.org/35436
- http://www.securityfocus.com/bid/24442
- http://www.vupen.com/english/advisories/2007/2160
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34841
Products affected by CVE-2007-3219
-
cpe:2.3:a:invision_power_services:invision_power_board:2.2
-
cpe:2.3:a:invision_power_services:invision_power_board:2.2.1
-
cpe:2.3:a:invision_power_services:invision_power_board:2.2.2