Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4171

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-4171
Last Modified 07 Mar 2011 10:12:03
Published 22 Sep 2008 02:34:16
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4171

Summary

SQL injection vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x allows remote attackers to execute arbitrary SQL commands via the name parameter.

Vulnerable Systems

Application

  • Invision Power Services Invision Power Board 2.2

  • Invision Power Services Invision Power Board 2.3


References

CONFIRM - http://forums.invisionpower.com/index.php?showtopic=276512

VUPEN - ADV-2008-2487

SECTRACK - 1020817

BID - 31288


Last Updated: 27 May 2016 10:48:24