Invision Power Services Vulnerabilità

Sequenza temporale

Genere

Forum Software60
Photo Gallery Software14
Not Defined10
Blog Software4

Prodotto

Invision Power Services IP.Board56
Invision Power Services Invision Gallery14
Invision Power Services Community Suite6
Invision Power Services IPS4
Invision Power Services Invision Community Blog4

Contromisure

Official Fix48
Temporary Fix0
Workaround2
Unavailable8
Not Defined30

Sfruttabilità

High18
Functional2
Proof-of-Concept30
Unproven4
Not Defined34

Accesso al vettore

Not Defined0
Physical0
Local0
Adjacent0
Network88

Autenticazione

Not Defined0
High0
Low14
None74

Interazione dell'utente

Not Defined0
Required44
None44

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤48
≤528
≤616
≤710
≤826
≤90
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤48
≤532
≤616
≤728
≤84
≤90
≤100

VulDB

≤10
≤20
≤30
≤48
≤532
≤614
≤710
≤824
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤72
≤80
≤94
≤100

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Fornitore

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 giorni

<1k12
<2k38
<5k38
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k88
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Sfrutta il volume del mercato

🔴 CTI Attività

Affected Products (9): Community Suite (6), IP.Board (56), IP.Gallery (1), IPS (3), Invision Board (4), Invision Community Blog (5), Invision Gallery (10), Invision Power Board (1), Invision Power Top Site List (1)

Link to Vendor Website: https://invisioncommunity.com/

Data di pubblicazioneBaseTempVulnerabilitàProdSfrConEPSSCTICVE
18/08/20213.53.4Invision Power Services Community Suite IFRAME cross site scriptingSconosciutoNot DefinedOfficial Fix0.000570.00CVE-2021-39250
18/08/20213.53.4Invision Power Services Community Suite Filename mt_rand cross site scriptingSconosciutoNot DefinedOfficial Fix0.001050.00CVE-2021-39249
02/06/20215.55.3Invision Power Services Community Suite runProcessFunction escalazione di privilegiSconosciutoNot DefinedOfficial Fix0.007450.00CVE-2021-32924
08/01/20217.57.2Invision Power Services Community Suite Download REST API files.php GETindex sql injectionSconosciutoNot DefinedOfficial Fix0.000630.00CVE-2021-3025
06/01/20213.53.5Invision Power Services Community Suite Comments cross site scriptingSconosciutoNot DefinedOfficial Fix0.000780.00CVE-2021-3026
11/05/20176.26.2Invision Power Services IPS SVG Document Stored escalazione di privilegiSconosciutoNot DefinedNot Defined0.001660.00CVE-2017-8899
11/05/20177.07.0Invision Power Services IPS Announcement index.php Stored escalazione di privilegiSconosciutoNot DefinedNot Defined0.001700.01CVE-2017-8898
11/05/20175.25.2Invision Power Services IPS UTF8 Converter index.php Reflected cross site scriptingSconosciutoNot DefinedNot Defined0.001470.07CVE-2017-8897
23/04/20175.75.5Invision Power Services Community Suite Session Cookie uniqid crittografia deboleSconosciutoNot DefinedOfficial Fix0.001790.01CVE-2016-2564
04/09/20155.35.1Invision Power Services IP.Board URL denial of serviceForum SoftwareNot DefinedOfficial Fix0.001640.02CVE-2015-6812

77 non vengono visualizzate più voci

🔒 Login Required

You need to signup and login to see more of the remaining 77 results.

PrecedenteVisione D'insiemeIl prossimo

Do you need the next level of professionalism?

Upgrade your account now!