NVD

Id
60908  
Name
CVE-2006-2204  
Description
SQL injection vulnerability in the topic deletion functionality (post_delete function in func_mod.php) for Invision Power Board 2.1.5 allows remote authenticated moderators to execute arbitrary SQL commands via the selectedpids parameter, which bypasses an integer value check when the $id variable is an array.  
Reject
 
CVSS Version
2  
CVSS Score
5.5  
Severity
Medium  
CVSS Base Score
5.5  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:P/A:N)  
Pub Date
2016-12-20  
Published
2006-05-05  
Modified Date
2011-03-07  
Seq
2006-2204  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
314542 60908 CVE-2006-2204 http://forums.invisionpower.com/index.php?showtopic=214248&view=getnewpo  View
314543 60908 CVE-2006-2204 551  View
314544 60908 CVE-2006-2204 20060504 Re: Invision Power Board v2.1.5 Remote SQL Injection  View
314545 60908 CVE-2006-2204 20060428 Invision Power Board v2.1.5 Remote SQL Injection  View
314546 60908 CVE-2006-2204 17837  View
314547 60908 CVE-2006-2204 ADV-2006-1605  View
314548 60908 CVE-2006-2204 invision-func_mod-sql-injection(26190)  View

Related JVN