FKIE_CVE-2006-5203

Vulnerability from fkie_nvd - Published: 2006-10-10 04:06 - Updated: 2025-04-09 00:30
Severity ?
Summary
Invision Power Board (IPB) 2.1.7 and earlier allows remote restricted administrators to inject arbitrary web script or HTML, or execute arbitrary SQL commands, via a forum description that contains a crafted image with PHP code, which is executed when the user visits the "Manage Forums" link in the Admin control panel.
References
cve@mitre.orghttp://www.securityfocus.com/archive/1/447710/100/0/threaded
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/29352
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/447710/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/29352
Impacted products
Vendor Product Version
invision_power_services invision_power_board *
invision_power_services invision_power_board 1.0
invision_power_services invision_power_board 1.0.1
invision_power_services invision_power_board 1.0.3
invision_power_services invision_power_board 1.1.1
invision_power_services invision_power_board 1.1.2
invision_power_services invision_power_board 1.2
invision_power_services invision_power_board 1.3
invision_power_services invision_power_board 1.3.1_final
invision_power_services invision_power_board 1.3_final
invision_power_services invision_power_board 2.0
invision_power_services invision_power_board 2.0.0
invision_power_services invision_power_board 2.0.1
invision_power_services invision_power_board 2.0.2
invision_power_services invision_power_board 2.0.3
invision_power_services invision_power_board 2.0.4
invision_power_services invision_power_board 2.0.x
invision_power_services invision_power_board 2.0_alpha3
invision_power_services invision_power_board 2.0_pdr3
invision_power_services invision_power_board 2.0_pf1
invision_power_services invision_power_board 2.0_pf2
invision_power_services invision_power_board 2.1
invision_power_services invision_power_board 2.1.0
invision_power_services invision_power_board 2.1.1
invision_power_services invision_power_board 2.1.2
invision_power_services invision_power_board 2.1.3
invision_power_services invision_power_board 2.1.4
invision_power_services invision_power_board 2.1.5
invision_power_services invision_power_board 2.1.5_2006-03-08
invision_power_services invision_power_board 2.1.6
invision_power_services invision_power_board 2.1_alpha2
invision_power_services invision_power_board 2.1_beta2
invision_power_services invision_power_board 2.1_beta3
invision_power_services invision_power_board 2.1_beta4
invision_power_services invision_power_board 2.1_beta5
invision_power_services invision_power_board 2.1_rc1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F69B5D71-781A-4FDF-A5AB-0CE8AE6BBDBC",
              "versionEndIncluding": "2.1.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "19CF6BD7-04F2-4D69-8402-EC4B637EA083",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F0C566E-2AC5-47A2-9246-2FBC87828690",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B83740E-6C38-4BEB-84A2-6B0F01799DCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "29692429-A920-4BAD-9D79-D36EBE74EFB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D52AB16-A202-48B6-82C0-AD13EBCC7FCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C498DCB3-3CC7-4334-BF61-F5DA43F4B90F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "99A7875E-DAF0-46CD-AE30-246EB3FC6BB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.3.1_final:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2103FBA-1B72-43FC-A1ED-28F8C7DA0EE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.3_final:*:*:*:*:*:*:*",
              "matchCriteriaId": "94FBF21B-CF52-41BB-BAF1-AF822586D28B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9AF155D-BDF6-4B5F-89BF-62CDE6FB48DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "615FFE8F-1EDA-4CE2-BC6F-E7348DAE37E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "19B001F3-8A6E-423D-9382-AA696D193F08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CDDB243-B03B-4DFE-9234-FD886EA80C50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7139AE38-8E5D-4D1D-A126-9CD10CE13E2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E24336F-BD4C-4596-8FFE-9D53AB802BB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0.x:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE478AB9-7ED4-4FDD-8990-CC4442CFA416",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0_alpha3:*:*:*:*:*:*:*",
              "matchCriteriaId": "14F5777B-25A8-4D20-AD24-A639E315582F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0_pdr3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FF0C787-BDC5-4154-809A-864DA3D4769D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0_pf1:*:*:*:*:*:*:*",
              "matchCriteriaId": "23A69133-FF5A-457E-823F-64920A0DB9F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0_pf2:*:*:*:*:*:*:*",
              "matchCriteriaId": "23C37B74-6486-46A2-AC2C-C27786ED697E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C63DDA0-9B4C-4D3E-9633-82C330753ABA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB960ACC-74D4-4AFB-886C-11EB5180DFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1BA6316-7E7E-4A6B-AA54-1846198D64BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA70C944-F70E-49F4-AA9C-D19148925C0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAF5259-D99A-45A1-8DD4-C6858B302272",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67ED0140-7137-4F8D-AEA1-53251D4D4273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "75723F84-9989-4195-9827-E3A6DF2ABA6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.5_2006-03-08:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED5116FA-C532-42DF-ABBD-193AD7B799A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8BC2011-5D19-4AF2-BCCD-38A03D0175FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1_alpha2:*:*:*:*:*:*:*",
              "matchCriteriaId": "232885C1-B578-4E6E-8472-FF47A17DF976",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta2:*:*:*:*:*:*:*",
              "matchCriteriaId": "19FFFBC9-F6F0-421C-BD8A-6F2F81C4E62F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB7078D-61D2-4ED9-AC8E-2D4F350F0716",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EC2800F-3A8C-4B63-B754-D921DFF79496",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5C8BA41-7876-4738-A68A-2162E28A3AB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "18BF761A-6459-42B0-BCB8-F735FBDD6139",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Invision Power Board (IPB) 2.1.7 and earlier allows remote restricted administrators to inject arbitrary web script or HTML, or execute arbitrary SQL commands, via a forum description that contains a crafted image with PHP code, which is executed when the user visits the \"Manage Forums\" link in the Admin control panel."
    },
    {
      "lang": "es",
      "value": "Invision Power Board (IPB) 2.1.7 y anteriores permite a un administrador remoto restringido inyectar secuencias de comandos web o HTML de su elecci\u00f3n, o ejecutar comandos SQL de su elecci\u00f3n, a trav\u00e9s de una descripci\u00f3n del foro que contenga una imagen artesanal con c\u00f3digo PHP, lo cual es esjecutado cuando el usuario visita \"Mange Forum\" enlazando en el panel de control de Admin."
    }
  ],
  "evaluatorSolution": "The following requirements must be met for this attack to take place:\r\n- The database table prefix must be known\r\n- The admin must have access to the SQL Toolbox (any \"root admin\")\r\n- The admin must have images and referers turned on in their browser, and their browser must follow Location headers (default behaviour for most browsers)\r\n- The admin must view a malicious script as an image in their browser",
  "id": "CVE-2006-5203",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-10-10T04:06:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/447710/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/447710/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29352"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.