| VID |
21940 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The Invision Power Board, according to its version number has an SQL injection vulnerability in the 'CLIENT_IP' parameter. Invision Power Board is a PHP-based Web forum software package, distributed by Invision Power Services, Inc.. Invision Power Board versions 2.1 through 2.1.6 could allow a remote attacker to execute specially-crafted SQL commands, caused due to an input validation error in the 'classes/class_session.php' script that does not validate the 'CLIENT_IP' variable before being used in SQL statements. This vulnerability could permit a remote attacker to pass malicious input to database queries, potentially resulting in data exposure, modification of the query logic, or even data modification or attacks against the database itself.
* Note: This check solely relied on the version number of Invision Power Board on the remote Web server to assess this vulnerability, so this might be a false positive.
* References:
http://forums.invisionpower.com/index.php?autocom=bugtracker&code=show_bug&bug_title_id=2043&bug_cat_id=3
http://archives.neohapsis.com/archives/bugtraq/2006-07/0249.html
http://www.frsirt.com/english/advisories/2006/2810
http://www.milw0rm.com/exploits/2010
* Platforms Affected:
Invisionize, Invision Power Board versions 2.1 through to 2.1.6
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Invision Power Board (2.1.7 or later), available from the Invision Power Services Web site at http://www.invisionpower.com/ip.dynamic/products/blog/index.html |
| Related URL |
CVE-2006-7071 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
27753 (ISS) |
|
