Info

Disclosure

May 04, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Invision Community Blog contains a flaw that can be exploited when one has moderator ability access. No further details have been provided.

Classification

Location: Remote / Network Access, Location Unknown
Attack Type: Attack Type Unknown
Impact: Impact Unknown
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 1.2.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Invision Power Services, Inc.

Community Blog Module

1.2.2

References

Bugtraq ID: 17851
Secunia Advisory ID: 19973
CVE ID: 2006-2251 (see also: NVD)
Vendor Specific News/Changelog Entry: http://forums.invisionpower.com/index.php?showtopic=214248&st=0&p=1383070%EF%BF%BDentry1383070

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/25252