Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-9239

Опубликовано: 03 дек. 2014
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

SQL injection vulnerability in the IPS Connect service (interface/ipsconnect/ipsconnect.php) in Invision Power Board (aka IPB or IP.Board) 3.3.x and 3.4.x through 3.4.7 before 20141114 allows remote attackers to execute arbitrary SQL commands via the id[] parameter.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:invisioncommunity:invision_power_board:3.3.0:*:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.3.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.3.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.3.0:beta1:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.3.0:beta2:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.3.0:beta3:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.3.0:beta4:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.3.3:*:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.3.4:*:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.4.0:*:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.4.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.4.0:beta1:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.4.0:beta3:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.4.0:beta4:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.4.0:beta5:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.4.3:*:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.4.4:*:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.4.5:*:*:*:*:*:*:*
cpe:2.3:a:invisioncommunity:invision_power_board:3.4.6:*:*:*:*:*:*:*
cpe:2.3:a:invisionpower:invision_power_board:3.4.7:*:*:*:*:*:*:*

EPSS

Процентиль: 58%
0.0036
Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

github логотип

GHSA-ffwx-gcgv-gv97

github
больше 3 лет назад

SQL injection vulnerability in the IPS Connect service (interface/ipsconnect/ipsconnect.php) in Invision Power Board (aka IPB or IP.Board) 3.3.x and 3.4.x through 3.4.7 before 20141114 allows remote attackers to execute arbitrary SQL commands via the id[] parameter.

EPSS

Процентиль: 58%
0.0036
Низкий

7.5 High

CVSS2

Дефекты

CWE-89