Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SQL injection vulnerability in index.php in the ibProArcade module for Invision Power Board (IPB) 1.x and 2.x allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ibProArcade category输入验证SQL注入漏洞
Vulnerability Description
ibProArcade是IPB论坛系统的一个模块。 ibProArcade在处理用户提交给'category'字段的数据缺少充分过滤,远程攻击者可以利用这个漏洞进行SQL注入攻击,可能获得敏感信息或更改数据库。 提交包含恶意SQL命令的数据,提交给"category"参数,可更改原来的SQL逻辑,获得数据库敏感信息或更改数据库。
CVSS Information
N/A
Vulnerability Type
N/A