cbcvebase.
CVE-2006-2059
published 2006-04-26

CVE-2006-2059: action_public/search.php in Invision Power Board (IPB) 2.1.x and 2.0.x before 20060425 allows remote attackers to execute arbitrary PHP code via a search with…

PriorityP340medium5CVSS 2.0
AVNACLAuNCNIPAN
EXPLOIT
EPSS
7.85%
94.0th percentile
action_public/search.php in Invision Power Board (IPB) 2.1.x and 2.0.x before 20060425 allows remote attackers to execute arbitrary PHP code via a search with a crafted value of the lastdate parameter, which alters the behavior of a regular expression to add a "#e" (execute) modifier.

Affected

1 ranges
VendorProductVersion rangeFixed in
invision_power_servicesinvision_power_board
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.