Detections
Analytics

CVE-2004-1536

critical

Description

SQL injection vulnerability in index.php in the ibProArcade module for Invision Power Board (IPB) 1.x and 2.x allows remote attackers to execute arbitrary SQL commands via the cat parameter.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/18180

http://secunia.com/advisories/13260

http://marc.info/?l=bugtraq&m=110098512318132&w=2

Details

Source: Mitre, NVD

Published: 2004-12-31

Updated: 2017-07-11

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical