Invision Power Board 'index.php' Cross Site Request Forgery Vulnerability
BID:69668
Info
Invision Power Board 'index.php' Cross Site Request Forgery Vulnerability
| Bugtraq ID: | 69668 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 03 2014 12:00AM |
| Updated: | Sep 03 2014 12:00AM |
| Credit: | Piotr S |
| Vulnerable: |
Invision Power Services Invision Power Board 3.4.6 Invision Power Services Invision Power Board 3.4.5 Invision Power Services Invision Power Board 3.4.4 Invision Power Services Invision Power Board 3.4.2 Invision Power Services Invision Power Board 3.4.1 Invision Power Services Invision Power Board 3.3.4 Invision Power Services Invision Power Board 3.3.3 Invision Power Services Invision Power Board 3.3.1 Invision Power Services Invision Power Board 3.3 Invision Power Services Invision Power Board 3.2.3 Invision Power Services Invision Power Board 3.2.2 Invision Power Services Invision Power Board 3.2.1 Invision Power Services Invision Power Board 3.2 Invision Power Services Invision Power Board 3.1.4 Invision Power Services Invision Power Board 3.1.3 Invision Power Services Invision Power Board 3.1.2 Invision Power Services Invision Power Board 3.0.5 Invision Power Services Invision Power Board 3.0.3 Invision Power Services Invision Power Board 3.0.2 Invision Power Services Invision Power Board 3.0.1 Invision Power Services Invision Power Board 3.0 b5 Invision Power Services Invision Power Board 3.0 Invision Power Services Invision Power Board 2.3.6 Invision Power Services Invision Power Board 2.3.5 Invision Power Services Invision Power Board 2.3.4 Invision Power Services Invision Power Board 2.3.1 Invision Power Services Invision Power Board 2.2.2 Invision Power Services Invision Power Board 2.2.1 Invision Power Services Invision Power Board 2.2 Invision Power Services Invision Power Board 2.1.6 Invision Power Services Invision Power Board 3.4 Invision Power Services Invision Power Board 3.3 Invision Power Services Invision Power Board 3.2 Invision Power Services Invision Power Board 3.1 Invision Power Services Invision Power Board 3.0.4 Invision Power Services Invision Power Board 3 |
| Not Vulnerable: | |
Discussion
Invision Power Board 'index.php' Cross Site Request Forgery Vulnerability
Invision Power Board is prone to a cross-site request-forgery vulnerability.
Exploiting this issue may allow a remote attacker to gain unauthorized access to the affected application and perform certain actions in the context of the affected user; other attacks are also possible.
Invision Power Board 3.4.6 and prior versions are vulnerable.
Invision Power Board is prone to a cross-site request-forgery vulnerability.
Exploiting this issue may allow a remote attacker to gain unauthorized access to the affected application and perform certain actions in the context of the affected user; other attacks are also possible.
Invision Power Board 3.4.6 and prior versions are vulnerable.