Invision Power Services: >> Invision Power Board Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in Invision Power Board 1.3 Final allows remote attackers to execute arbitrary script as other users via the pop parameter in a chat action to index.php.
CVSS Score
4.3
EPSS Score
0.004
Published
2004-12-31
ipchat.php in Invision Power Board 1.1.1 allows remote attackers to execute arbitrary PHP code, if register_globals is enabled, by modifying the root_path parameter to reference a URL on a remote web server that contains the code.
CVSS Score
6.8
EPSS Score
0.027
Published
2003-12-31
Page 5