NVD

Id
21054  
Name
CVE-2016-6174  
Description
applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arbitrary code via the content_class parameter.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2016-07-12  
Modified Date
2016-11-28  
Seq
2016-6174  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
114592 21054 CVE-2016-6174 http://karmainsecurity.com/KIS-2016-11  View
114593 21054 CVE-2016-6174 APPLE-SA-2016-09-20  View
114594 21054 CVE-2016-6174 20160707 [KIS-2016-11] IPS Community Suite <= 4.1.12.3 Autoloaded PHP Code Injection Vulnerability  View
114595 21054 CVE-2016-6174 91732  View
114596 21054 CVE-2016-6174 https://invisionpower.com/release-notes/4113-r44/  View
114597 21054 CVE-2016-6174 https://support.apple.com/HT207170  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
2993 JVNDB-2016-003766 Invision Power Services IPS Community Suite の applications/core/modules/front/system/content.php における任意のコードを実行される脆弱性 Invision Power Services IPS Community Suite (別名 Invision Power Board、IPB、または Power Board) の applications/core/modules/front/system/content.php には、PHP 5.4.24 未満、または 5.5.8 未満の 5.5.x で使用される場合、任意のコードを実行される脆弱性が存在します。 CVE-2016-6174 92681 CVE-2016-6174 21054 6.8 8.1 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-003766.html 2016-07-05 2016-10-07 View