Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Invision Power Board Calendar SQL Injection Vulnerability

Information

Severity

Severity

High

Family

Family

Web application abuses

CVSSv2 Base

CVSSv2 Base

7.5

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

18 years ago

Modified

Modified

5 years ago

Summary

The remote host is running Invision Power Board - a CGI suite designed to set up a bulletin board system on the remote web server. A vulnerability has been discovered in the sources/calendar.php file that allows unauthorized users to inject SQL commands. An attacker may use this flaw to gain the control of the remote database

Solution

Solution

Upgrade to the latest version of this software.

Common Vulnerabilities and Exposures (CVE)