Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2006-5204

Cross-site scripting (XSS) vulnerability in action_admin/member.php in Invision Power Board (IPB) 2.1.7 and earlier allows remote authenticated users to inject arbitrary web script or HTML via a reference to a script in the avatar setting, which can be leveraged for a cross-site request forgery (CSRF) attack involving forced SQL execution by an admin.

  • Published: Oct 10, 2006
  • Updated: Apr 13, 2023
  • CVE: CVE-2006-5204
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 2.1
  • AV:N/AC:H/Au:S/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
invision_power_services / invision_power_board 2.0_pf1 2.0_pf1.x
invision_power_services / invision_power_board 2.1_beta2 2.1_beta2.x
invision_power_services / invision_power_board 1.0 1.0.x
invision_power_services / invision_power_board 1.1.2 1.1.2.x
invision_power_services / invision_power_board 2.0.4 2.0.4.x
invision_power_services / invision_power_board 2.1_rc1 2.1_rc1.x
invision_power_services / invision_power_board 2.1.1 2.1.1.x
invision_power_services / invision_power_board - 2.1.7.x
invision_power_services / invision_power_board 2.1.6 2.1.6.x
invision_power_services / invision_power_board 2.1_alpha2 2.1_alpha2.x
invision_power_services / invision_power_board 2.0_alpha3 2.0_alpha3.x
invision_power_services / invision_power_board 1.1.1 1.1.1.x
invision_power_services / invision_power_board 2.1.5_2006-03-08 2.1.5_2006-03-08.x
invision_power_services / invision_power_board 2.1.2 2.1.2.x
invision_power_services / invision_power_board 2.1.3 2.1.3.x
invision_power_services / invision_power_board 1.0.3 1.0.3.x
invision_power_services / invision_power_board 2.0_pdr3 2.0_pdr3.x
invision_power_services / invision_power_board 2.0 2.0.x
invision_power_services / invision_power_board 2.1_beta5 2.1_beta5.x
invision_power_services / invision_power_board 1.3_final 1.3_final.x
invision_power_services / invision_power_board 2.1.0 2.1.0.x
invision_power_services / invision_power_board 1.2 1.2.x
invision_power_services / invision_power_board 2.1.5 2.1.5.x
invision_power_services / invision_power_board 2.0.0 2.0.0.x
invision_power_services / invision_power_board 1.0.1 1.0.1.x
invision_power_services / invision_power_board 2.0.3 2.0.3.x
invision_power_services / invision_power_board 2.1_beta4 2.1_beta4.x
invision_power_services / invision_power_board 2.1 2.1.x
invision_power_services / invision_power_board 2.1_beta3 2.1_beta3.x
invision_power_services / invision_power_board 2.1.4 2.1.4.x
invision_power_services / invision_power_board 1.3.1_final 1.3.1_final.x
invision_power_services / invision_power_board 2.0_pf2 2.0_pf2.x
invision_power_services / invision_power_board 2.0.2 2.0.2.x
invision_power_services / invision_power_board 2.0.1 2.0.1.x
invision_power_services / invision_power_board 1.3 1.3.x
invision_power_services / invision_power_board 2.0.x 2.0.x.x