Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Invision Power Board (IPB) 2.1.7 and earlier allows remote restricted administrators to inject arbitrary web script or HTML, or execute arbitrary SQL commands, via a forum description that contains a crafted image with PHP code, which is executed when the user visits the "Manage Forums" link in the Admin control panel.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Invision Power Board 'Manage Forums'任意SQL命令执行漏洞
Vulnerability Description
Invision Power Board (IPB) 2.1.7和之前的版本,远程受限管理员可以通过论坛介绍,来注入任意Web脚本或HTML,或者执行任意SQL命令。该论坛介绍包含有精心编制的图像,且该图像带有在用户访问Admin控制面板中的"Manage Forums"链接时执行的PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A