CGI abuses : Invision Power Board HTML Injection

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.52056

Category: CGI abuses

Title: Invision Power Board HTML Injection

Summary: NOSUMMARY

Description: Description:

The remote version of Invision Power Board, according to its
version number, is vulnerable to an HTML injection attack due
to insufficient filtering of HTML tags.

Version 1.3.1 and prior, as well as 2.0.2 and prior, are
known to be vulnerable.

Solution : Upgrade to a newer version when one is available.
http://www.invisionboard.com/

Risk factor : Medium

CVSS Score:
4.3

Cross-Ref: BugTraq ID: 12888
Common Vulnerability Exposure (CVE) ID: CVE-2005-0886
http://www.securityfocus.com/bid/12888

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.52056
Category:	CGI abuses
Title:	Invision Power Board HTML Injection
Summary:	NOSUMMARY
Description:	Description: The remote version of Invision Power Board, according to its version number, is vulnerable to an HTML injection attack due to insufficient filtering of HTML tags. Version 1.3.1 and prior, as well as 2.0.2 and prior, are known to be vulnerable. Solution : Upgrade to a newer version when one is available. http://www.invisionboard.com/ Risk factor : Medium CVSS Score: 4.3
Cross-Ref:	BugTraq ID: 12888 Common Vulnerability Exposure (CVE) ID: CVE-2005-0886 http://www.securityfocus.com/bid/12888
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com