Invision Power Services, Inc.

Short Name: Invision Power Services
Previous Names: [None Entered]
URL: http://www.invisionpower.com/ [visit link]
Email: infoinvisionpower.com
Security URL: [None Entered]
Security Email: [None Entered]
Knowledge Base: [None Entered]
Notes: Problems contacting Invision: http://www.governmentsecurity.org/All/Why_is_Vulnerability_disclosure_so_difficult

Full Details...

Vulnerabilities by Vendor Product

Invision Power Services, Inc.

Invision Power Services, Inc.
Power File Manager Watch-list
1.0.1
OSVDB ID: 3373 Invision Power File Manager Unspecified Issue
Power Board Watch-list
2.0.0
OSVDB ID: 10512 Invision Power Board HTTP Referer XSS
2.1.6
OSVDB ID: 26747 Invision Power Board POST Request Hexadecimal HTML XSS
Invision Gallery Watch-list
Unknown or Unspecified
OSVDB ID: 16489 Invision Gallery Module index.php show Parameter SQL Injection
OSVDB ID: 16490 Invision Gallery Module index.php cmd Parameter XSS
2.0.3
OSVDB ID: 20419 Invision Gallery index.php st Parameter SQL Injection
1.3.1
OSVDB ID: 20419 Invision Gallery index.php st Parameter SQL Injection
2.0.6
OSVDB ID: 25231 Invision Gallery post.php album Parameter SQL Injection
Invision Board Watch-list
2.1.6
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
2.1.5
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
2.1.4
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
2.1 Alpha 2
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
2.0.4
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
2.0.3
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
2.0.2
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
2.0.1
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
2.0 PF2
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
2.0 PF1
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
2.0 PDR3
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
2.0 alpha 3
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
2.0
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
1.3.1 Final
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
1.3 Final
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
1.3
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
1.2
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
1.1.2
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
1.1.1
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
1.0.3
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
1.0.1
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
1.0
OSVDB ID: 30084 Invision Power Board index.php CODE Parameter SQL Injection
Community Blog Module Watch-list
1.2.2
OSVDB ID: 25252 Invision Community Blog Module Unspecified Issue
Invision Power Board Watch-list
1.3
OSVDB ID: 4103 Invision Power Board search.php st Parameter SQL Injection
OSVDB ID: 3319 Invision Power Board calendar.php m Parameter SQL Injection
1.3 Final
OSVDB ID: 4154 Invision Power Board index.php Multiple Parameter XSS
1.3 Final
OSVDB ID: 6728 Invision Power Board Crafted Personal Photo Path Disclosure
1.x
OSVDB ID: 12003 ibProArcade Module for Invision Power Board index.php cat Parameter SQL Injection
2.x
OSVDB ID: 12003 ibProArcade Module for Invision Power Board index.php cat Parameter SQL Injection
2.0.1
OSVDB ID: 23337 Invision Power Board Task Manager Arbitrary File Execution
OSVDB ID: 35429 Invision Power Board "Task PHP File To Run" Field Traversal Local File Inclusion
OSVDB ID: 11929 Invision Power Board sources/post.php qpid Parameter SQL Injection
2.0.0
OSVDB ID: 11929 Invision Power Board sources/post.php qpid Parameter SQL Injection
1.2
OSVDB ID: 4103 Invision Power Board search.php st Parameter SQL Injection
1.1.x
OSVDB ID: 4103 Invision Power Board search.php st Parameter SQL Injection
1.0.x
OSVDB ID: 4103 Invision Power Board search.php st Parameter SQL Injection
1.0
OSVDB ID: 4103 Invision Power Board search.php st Parameter SQL Injection
2.0 PDR3
OSVDB ID: 4103 Invision Power Board search.php st Parameter SQL Injection
2.0 alpha 3
OSVDB ID: 4103 Invision Power Board search.php st Parameter SQL Injection
1.x.x
OSVDB ID: 13151 Invision Power Board BBTag XSS
2.0.2
OSVDB ID: 13151 Invision Power Board BBTag XSS
OSVDB ID: 11929 Invision Power Board sources/post.php qpid Parameter SQL Injection
2.0.3
OSVDB ID: 13151 Invision Power Board BBTag XSS
OSVDB ID: 16297 Invision Power Board login.php SQL Injection
1.3.x
OSVDB ID: 16298 Invision Power Board topics.php highlite Parameter XSS
OSVDB ID: 16297 Invision Power Board login.php SQL Injection
2.0.x
OSVDB ID: 16298 Invision Power Board topics.php highlite Parameter XSS
OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion
OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution
2.1
OSVDB ID: 20516 Invision Power Board admin.php Multiple Parameter XSS
OSVDB ID: 20517 Invision Power Board Admin Interface APC Notes XSS
OSVDB ID: 20518 Invision Power Board Admin Interface Member Profile Multiple Field XSS
OSVDB ID: 20519 Invision Power Board admin.php Component Fields XSS
OSVDB ID: 20520 Invision Power Board Admin Interface New Member Creation XSS
OSVDB ID: 20521 Invision Power Board Admin Interface Group Icon Image Field XSS
OSVDB ID: 20522 Invision Power Board Admin Interface Calendar Title XSS
OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion
OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution
2.0.4
OSVDB ID: 25009 Invision Power Board Search Action Multiple Parameter XSS
OSVDB ID: 25010 Invision Power Board index.php st Parameter XSS
OSVDB ID: 25011 Invision Power Board Calendar Action Multiple Parameter XSS
OSVDB ID: 25012 Invision Power Board Print Action t Parameter XSS
OSVDB ID: 25013 Invision Power Board Mail Action MID Parameter XSS
OSVDB ID: 25014 Invision Power Board Help Action HID Parameter XSS
OSVDB ID: 25015 Invision Power Board Members Action Multiple Parameter XSS
OSVDB ID: 25668 Invision Power Board class_post.php Arbitrary Code Execution
OSVDB ID: 25667 Invision Power Board moderate.php Arbitrary Code Execution
2.1.5
OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion
2.1.5 (2006.03.08)
OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion
OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution
2.1.5 (2006.04.25)
OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion
OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution
2.1 Alpha2
OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion
OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution
2.1.2
OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion
OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution
2.1.3
OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion
OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution
2.1.4
OSVDB ID: 25008 Invision Power Board action_admin/paysubscriptions.php name Variable Traversal Arbitrary PHP File Inclusion
OSVDB ID: 25005 Invision Power Board search.php lastdate Variable Arbitrary PHP Code Execution
OSVDB ID: 25021 Invision Power Board Cookie from_contact Field SQL Injection
2.1.6
OSVDB ID: 25668 Invision Power Board class_post.php Arbitrary Code Execution
OSVDB ID: 25667 Invision Power Board moderate.php Arbitrary Code Execution
1.1.1
OSVDB ID: 3357 Invision Power Board ipchat.php root_path Parameter Remote File Inclusion
PowerBoard Watch-list
1.1
OSVDB ID: 2539 Invision Power Board post_parser.php XSS
1.2
OSVDB ID: 2539 Invision Power Board post_parser.php XSS
OSVDB ID: 3353 Invision Power Board admin.php adsess Parameter XSS
OSVDB ID: 3362 Invision Power Board IBF Tag Injection
OSVDB ID: 3363 Invision Power Board functions.php sort_key SQL Injection
OSVDB ID: 3364 Invision Power Board Forums.php sort_key SQL Injection
1.1.1
OSVDB ID: 2622 Invision Power Board Insecure File Permissions
OSVDB ID: 3353 Invision Power Board admin.php adsess Parameter XSS
OSVDB ID: 3360 Invision Power Board functions.php skinid SQL Injection
OSVDB ID: 3361 Invision Power Board ipchat.php username SQL Injection
OSVDB ID: 3362 Invision Power Board IBF Tag Injection
OSVDB ID: 3363 Invision Power Board functions.php sort_key SQL Injection
OSVDB ID: 3364 Invision Power Board Forums.php sort_key SQL Injection
OSVDB ID: 3372 Invision Power Board sm_install.php Administrative Privileges
OSVDB ID: 3371 Invision Power Board ad_member.php Arbitrary File Include
1.1.2
OSVDB ID: 2622 Invision Power Board Insecure File Permissions
OSVDB ID: 3353 Invision Power Board admin.php adsess Parameter XSS
OSVDB ID: 3354 Invision Power Board post.php FLASH Tags XSS
OSVDB ID: 3361 Invision Power Board ipchat.php username SQL Injection
OSVDB ID: 3362 Invision Power Board IBF Tag Injection
OSVDB ID: 3363 Invision Power Board functions.php sort_key SQL Injection
OSVDB ID: 3364 Invision Power Board Forums.php sort_key SQL Injection
OSVDB ID: 3372 Invision Power Board sm_install.php Administrative Privileges
1.0
OSVDB ID: 3353 Invision Power Board admin.php adsess Parameter XSS
OSVDB ID: 3356 Invision Power Board phpinfo.php Information Disclosure
OSVDB ID: 3361 Invision Power Board ipchat.php username SQL Injection
OSVDB ID: 3362 Invision Power Board IBF Tag Injection
OSVDB ID: 3363 Invision Power Board functions.php sort_key SQL Injection
OSVDB ID: 3364 Invision Power Board Forums.php sort_key SQL Injection
OSVDB ID: 3372 Invision Power Board sm_install.php Administrative Privileges
1.0.1
OSVDB ID: 3353 Invision Power Board admin.php adsess Parameter XSS
OSVDB ID: 3356 Invision Power Board phpinfo.php Information Disclosure
OSVDB ID: 3362 Invision Power Board IBF Tag Injection
OSVDB ID: 3363 Invision Power Board functions.php sort_key SQL Injection
OSVDB ID: 3364 Invision Power Board Forums.php sort_key SQL Injection
OSVDB ID: 3372 Invision Power Board sm_install.php Administrative Privileges
1.01
OSVDB ID: 3361 Invision Power Board ipchat.php username SQL Injection
1.3
OSVDB ID: 3363 Invision Power Board functions.php sort_key SQL Injection
OSVDB ID: 3364 Invision Power Board Forums.php sort_key SQL Injection
2.0 alpha 3
OSVDB ID: 3363 Invision Power Board functions.php sort_key SQL Injection
OSVDB ID: 3364 Invision Power Board Forums.php sort_key SQL Injection
2.0
OSVDB ID: 8118 Invision Power Board index.php Path Disclosure
OSVDB ID: 8117 Invision Power Board index.php QUERY_STRING Parameter XSS
Power Top Site List Watch-list
1.1
OSVDB ID: 3059 Invision Power Top Site List index.php offset Parameter SQL Injection
Invision Power Board Community Blog Watch-list
1.1.2
OSVDB ID: 17211 Invision Community Blog Module multiple Parameter SQL Injection
IP.Board Watch-list
3.1.3
OSVDB ID: 69336 IP.Board Personal Conversation System Remote Information Disclosure
OSVDB ID: 70842 IP.Board Forum Password System Topic Title Disclosure



The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2012 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use