CVE-2008-4171
published 2008-09-22CVE-2008-4171: SQL injection vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x allows remote attackers to execute arbitrary SQL commands…
PriorityP335high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
1.06%
60.4th percentile
SQL injection vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x allows remote attackers to execute arbitrary SQL commands via the name parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| invision_power_services | invision_power_board | — | — |
| invision_power_services | invision_power_board | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://forums.invisionpower.com/index.php?showtopic=276512http://www.securityfocus.com/bid/31288http://www.securitytracker.com/id?1020817http://www.vupen.com/english/advisories/2008/2487http://forums.invisionpower.com/index.php?showtopic=276512http://www.securityfocus.com/bid/31288http://www.securitytracker.com/id?1020817http://www.vupen.com/english/advisories/2008/2487
2008-09-22
Published