Invision Power Board Search.PHP Script Injection Vulnerability

Bugtraq ID:	17695
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Apr 25 2006 12:00AM
Updated:	Apr 27 2006 09:30PM
Credit:	IceShaman and Wells are credited with the discovery of this vulnerability.
Vulnerable:	Invision Power Services Invision Power Board 2.1.5.2006.03.08 Invision Power Services Invision Board 2.1.5 + Invision Power Services Invision Board 2.1 Invision Power Services Invision Board 2.1 Alpha2 Invision Power Services Invision Board 2.1 + Invision Power Services Invision Board 2.1 Invision Power Services Invision Board 2.0.4 Invision Power Services Invision Board 2.0.3 Invision Power Services Invision Board 2.0.2 Invision Power Services Invision Board 2.0.1 Invision Power Services Invision Board 2.0 PF2 Invision Power Services Invision Board 2.0 PF1 Invision Power Services Invision Board 2.0 PDR3 Invision Power Services Invision Board 2.0 Alpha 3 Invision Power Services Invision Board 2.0
Not Vulnerable:	Invision Power Services Invision Power Board 2.1.5.2006.04.25

Invision Power Board Search.PHP Script Injection Vulnerability

Invision Power Board is prone to a script-injection vulnerability. A malicious user can exploit this vulnerability to execute arbitrary, malicious PHP code.

Script code would be executed with the privileges of the webserver process.

Invision Power Board Search.PHP Script Injection Vulnerability

This issue can be exploited through a web client.

The following exploit is available:

• /data/vulnerabilities/exploits/invvy-v2.pl

Invision Power Board Search.PHP Script Injection Vulnerability

Solution:
The vendor has released an updated version to address this and other issues.mailto:[email protected]


Invision Power Services Invision Power Board 2.1.5.2006.03.08

• Invision Power Services ipb215_su250406.zip
  http://forums.invisionpower.com/index.php?s=fa2b4307b09f7a0f5daafdfb86 8b610d&act=Attach&type=post&id=9981

Invision Power Services Invision Board 2.0 PF1

• Invision Power Services ipb200_su250406.zip
  http://forums.invisionpower.com/index.php?s=fa2b4307b09f7a0f5daafdfb86 8b610d&act=Attach&type=post&id=9980

Invision Power Services Invision Board 2.0 PDR3

• Invision Power Services ipb200_su250406.zip
  http://forums.invisionpower.com/index.php?s=fa2b4307b09f7a0f5daafdfb86 8b610d&act=Attach&type=post&id=9980

Invision Power Services Invision Board 2.0

• Invision Power Services ipb200_su250406.zip
  http://forums.invisionpower.com/index.php?s=fa2b4307b09f7a0f5daafdfb86 8b610d&act=Attach&type=post&id=9980

Invision Power Services Invision Board 2.0 PF2

• Invision Power Services ipb200_su250406.zip
  http://forums.invisionpower.com/index.php?s=fa2b4307b09f7a0f5daafdfb86 8b610d&act=Attach&type=post&id=9980

Invision Power Services Invision Board 2.0 Alpha 3

• Invision Power Services ipb200_su250406.zip
  http://forums.invisionpower.com/index.php?s=fa2b4307b09f7a0f5daafdfb86 8b610d&act=Attach&type=post&id=9980

Invision Power Services Invision Board 2.0.1

• Invision Power Services ipb200_su250406.zip
  http://forums.invisionpower.com/index.php?s=fa2b4307b09f7a0f5daafdfb86 8b610d&act=Attach&type=post&id=9980

Invision Power Services Invision Board 2.0.2

• Invision Power Services ipb200_su250406.zip
  http://forums.invisionpower.com/index.php?s=fa2b4307b09f7a0f5daafdfb86 8b610d&act=Attach&type=post&id=9980

Invision Power Services Invision Board 2.0.3

• Invision Power Services ipb200_su250406.zip
  http://forums.invisionpower.com/index.php?s=fa2b4307b09f7a0f5daafdfb86 8b610d&act=Attach&type=post&id=9980

Invision Power Services Invision Board 2.0.4

• Invision Power Services ipb200_su250406.zip
  http://forums.invisionpower.com/index.php?s=fa2b4307b09f7a0f5daafdfb86 8b610d&act=Attach&type=post&id=9980

Invision Power Services Invision Board 2.1

• Invision Power Services ipb215_su250406.zip
  http://forums.invisionpower.com/index.php?s=fa2b4307b09f7a0f5daafdfb86 8b610d&act=Attach&type=post&id=9981

Invision Power Services Invision Board 2.1 Alpha2

• Invision Power Services ipb215_su250406.zip
  http://forums.invisionpower.com/index.php?s=fa2b4307b09f7a0f5daafdfb86 8b610d&act=Attach&type=post&id=9981

Invision Power Services Invision Board 2.1.5

• Invision Power Services ipb215_su250406.zip
  http://forums.invisionpower.com/index.php?s=fa2b4307b09f7a0f5daafdfb86 8b610d&act=Attach&type=post&id=9981

Invision Power Board Search.PHP Script Injection Vulnerability

References:

• Invision Board Homepage (Invision Power Services)
  
• Invision Power Services > Invision Power Services, Inc. > Company News and Updat (Invision Power Services)
  
• Invision Power Board 2.1.5 POC (Javier Olascoaga)
  
• Invision Vulnerabilities, including remote code execution ([email protected])