Invision Power Services Schwachstellen

Zeitverlauf

Typ

Produkt

Invision Power Services IP.Board54
Invision Power Services Invision Gallery16
Invision Power Services Invision Board8
Invision Power Services Community Suite8
Invision Power Services Invision Community Blog2

Massnahmen

Official Fix48
Temporary Fix0
Workaround0
Unavailable6
Not Defined34

Ausnutzbarkeit

High14
Functional2
Proof-of-Concept34
Unproven6
Not Defined32

Zugriffsart

Not Defined0
Physical0
Local0
Adjacent2
Network86

Authentisierung

Not Defined0
High0
Low18
None70

Benutzeraktivität

Not Defined0
Required34
None54

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤410
≤526
≤612
≤714
≤824
≤90
≤102

CVSSv3 Temp

≤10
≤20
≤30
≤410
≤530
≤618
≤720
≤88
≤92
≤100

VulDB

≤10
≤20
≤30
≤410
≤526
≤612
≤716
≤822
≤90
≤102

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤92
≤100

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Hersteller

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploit 0-day

<1k10
<2k36
<5k42
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploit heute

<1k88
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploitmarktvolumen

🔴 CTI Aktivitäten

Affected Products (9): Community Suite (6), IP.Board (56), IP.Gallery (1), IPS (3), Invision Board (4), Invision Community Blog (5), Invision Gallery (10), Invision Power Board (1), Invision Power Top Site List (1)

Link to Vendor Website: https://invisioncommunity.com/

VeröffentlichtBaseTempSchwachstelleProdAusMasCTIEPSSCVE
18.08.20213.53.4Invision Power Services Community Suite IFRAME Cross Site ScriptingUnbekanntNot DefinedOfficial Fix0.000.00057CVE-2021-39250
18.08.20213.53.4Invision Power Services Community Suite Filename mt_rand Cross Site ScriptingUnbekanntNot DefinedOfficial Fix0.000.00105CVE-2021-39249
02.06.20215.55.3Invision Power Services Community Suite runProcessFunction erweiterte RechteUnbekanntNot DefinedOfficial Fix0.000.00745CVE-2021-32924
08.01.20217.57.2Invision Power Services Community Suite Download REST API files.php GETindex SQL InjectionUnbekanntNot DefinedOfficial Fix0.000.00063CVE-2021-3025
06.01.20213.53.5Invision Power Services Community Suite Comments Cross Site ScriptingUnbekanntNot DefinedOfficial Fix0.000.00078CVE-2021-3026
11.05.20176.26.2Invision Power Services IPS SVG Document Stored erweiterte RechteUnbekanntNot DefinedNot Defined0.000.00166CVE-2017-8899
11.05.20177.07.0Invision Power Services IPS Announcement index.php Stored erweiterte RechteUnbekanntNot DefinedNot Defined0.010.00170CVE-2017-8898
11.05.20175.25.2Invision Power Services IPS UTF8 Converter index.php Reflected Cross Site ScriptingUnbekanntNot DefinedNot Defined0.010.00147CVE-2017-8897
23.04.20175.75.5Invision Power Services Community Suite Session Cookie uniqid schwache VerschlüsselungUnbekanntNot DefinedOfficial Fix0.010.00179CVE-2016-2564
04.09.20155.35.1Invision Power Services IP.Board URL Denial of ServiceForum SoftwareNot DefinedOfficial Fix0.020.00164CVE-2015-6812

77 weitere Einträge werden nicht mehr angezeigt

Do you want to use VulDB in your project?

Use the official API to access entries easily!