IP.Board IP.Downloads Multiple Access Security Bypass Vulnerabilities
BID:58199
Info
IP.Board IP.Downloads Multiple Access Security Bypass Vulnerabilities
| Bugtraq ID: | 58199 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 27 2013 12:00AM |
| Updated: | Feb 27 2013 12:00AM |
| Credit: | Reported by the vendor and Con |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
IP.Board IP.Downloads Multiple Access Security Bypass Vulnerabilities
The IP.Downloads module for IP.Board is prone to multiple security-bypass vulnerabilities.
An attacker can exploit these issues to bypass certain security restrictions and gain unauthorized access; this may aid in launching further attacks.
IP.Downloads 2.5.2 is vulnerable; other versions may also be affected.
The IP.Downloads module for IP.Board is prone to multiple security-bypass vulnerabilities.
An attacker can exploit these issues to bypass certain security restrictions and gain unauthorized access; this may aid in launching further attacks.
IP.Downloads 2.5.2 is vulnerable; other versions may also be affected.
Exploit / POC
IP.Board IP.Downloads Multiple Access Security Bypass Vulnerabilities
Attackers can exploit these issues through a browser.
Attackers can exploit these issues through a browser.
Solution / Fix
IP.Board IP.Downloads Multiple Access Security Bypass Vulnerabilities
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
IP.Board IP.Downloads Multiple Access Security Bypass Vulnerabilities
References:
References:
- Invision Power Services - Homepage (Invision Power Services)