Known Vulnerabilities for products from Invision Power Services

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Invision Power Services".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2010-0802 json	SQL injection vulnerability in index.php in (nv2) Awards 1.1.0, a modification for Invision Power Board, allows remote attack...	Not Provided	2010-03-02	2026-04-29
CVE-2008-6565 json	Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 and earlier allows remote attackers to inject arbitrar...	Not Provided	2009-03-31	2026-04-23
CVE-2008-4171 json	SQL injection vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x allows remote attackers t...	Not Provided	2008-09-22	2026-04-23
CVE-2008-1359 json	Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 before 2008-03-13 allows remote atta...	Not Provided	2008-03-17	2026-04-23
CVE-2008-0913 json	Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 allows remote attackers to inject ar...	Not Provided	2008-02-22	2026-04-23
CVE-2008-0421 json	SQL injection vulnerability in Invision Gallery 2.0.7 and earlier allows remote attackers to execute arbitrary SQL commands v...	Not Provided	2008-01-23	2026-04-23
CVE-2007-5688 json	Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpB...	Not Provided	2007-10-29	2026-04-23
CVE-2007-4914 json	Unspecified vulnerability in the subscriptions manager in Invision Power Board (IPB or IP.Board) 2.3.1 before 20070912 allows...	Not Provided	2007-09-17	2026-04-23
CVE-2007-4913 json	ips_kernel/class_upload.php in Invision Power Board (IPB or IP.Board) 2.3.1 up to 20070912 allows remote attackers to upload ...	Not Provided	2007-09-17	2026-04-23
CVE-2007-4912 json	Cross-site scripting (XSS) vulnerability in ips_kernel/class_ajax.php in Invision Power Board (IPB or IP.Board) 2.3.1 up to 2...	Not Provided	2007-09-17	2026-04-23
CVE-2007-3219 json	Unspecified vulnerability in sources/action_public/xmlout.php in Invision Power Board (IPB or IP.Board) 2.2.0 through 2.2.2 a...	Not Provided	2007-06-14	2026-04-23
CVE-2007-2963 json	Multiple cross-site scripting (XSS) vulnerabilities in Invision Power Board (IPB or IP.Board) 2.2.2, and possibly earlier, al...	Not Provided	2007-05-31	2026-04-23
CVE-2007-2349 json	Cross-site scripting (XSS) vulnerability in Invision Power Board (IP.Board) 2.1.x and 2.2.x allows remote attackers to inject...	Not Provided	2007-04-30	2026-04-23
CVE-2006-7071 json	SQL injection vulnerability in classes/class_session.php in Invision Power Board (IPB) 2.1 up to 2.1.6 allows remote attacker...	Not Provided	2007-03-02	2026-04-23
CVE-2006-7064 json	Cross-site scripting (XSS) vulnerability in forum/admin.php for Invision Power Board (IPB) 2.1.6 and earlier allows remote at...	Not Provided	2007-02-24	2026-04-23
CVE-2006-6370 json	SQL injection vulnerability in forum/modules/gallery/post.php in Invision Gallery 2.0.7 allows remote attackers to cause a de...	Not Provided	2006-12-07	2026-04-23
CVE-2006-6369 json	SQL injection vulnerability in lib/entry_reply_entry.php in Invision Community Blog Mod 1.2.4 allows remote attackers to exec...	Not Provided	2006-12-07	2026-04-23
CVE-2006-5206 json	SQL injection vulnerability in Invision Gallery 2.0.7 allows remote attackers to execute arbitrary SQL commands via the album...	Not Provided	2006-10-10	2026-04-23
CVE-2006-5205 json	Directory traversal vulnerability in Invision Gallery 2.0.7 allows remote attackers to read arbitrary files via a .. (dot dot...	Not Provided	2006-10-10	2026-04-23
CVE-2006-5204 json	Cross-site scripting (XSS) vulnerability in action_admin/member.php in Invision Power Board (IPB) 2.1.7 and earlier allows re...	Not Provided	2006-10-10	2026-04-23

Results limited to 20 most recent vulnerabilities