Vulnerability Details CVE-2012-2226
Invision Power Board before 3.3.1 fails to sanitize user-supplied input which could allow remote attackers to obtain sensitive information or execute arbitrary code by uploading a malicious file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.13
EPSS Ranking 93.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2012-2226
-
cpe:2.3:a:invisioncommunity:invision_power_board:2.0
-
cpe:2.3:a:invisioncommunity:invision_power_board:3.0.0
-
cpe:2.3:a:invisioncommunity:invision_power_board:3.0.1
-
cpe:2.3:a:invisioncommunity:invision_power_board:3.0.2
-
cpe:2.3:a:invisioncommunity:invision_power_board:3.0.4
-
cpe:2.3:a:invisioncommunity:invision_power_board:3.1.2
-
cpe:2.3:a:invisioncommunity:invision_power_board:3.3.0