NVD Vulnerability Detail

CVE-2006-2204

Summary	SQL injection vulnerability in the topic deletion functionality (post_delete function in func_mod.php) for Invision Power Board 2.1.5 allows remote authenticated moderators to execute arbitrary SQL commands via the selectedpids parameter, which bypasses an integer value check when the $id variable is an array.
Publication Date	May 5, 2006, 9:46 p.m.
Registration Date	Jan. 29, 2021, 3:36 p.m.
Last Update	Oct. 19, 2018, 1:38 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:invision_power_services:invision_power_board:2.0.0:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.1:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.3:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.4:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.x:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.0:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.1:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.3:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.4:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.5:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_alpha2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta3:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta4:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta5:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_rc1:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	http://forums.invisionpower.com/index.php?showtopic=214248&view=getnewpo	CONFIRM	Patch
2	http://secunia.com/advisories/19901	SECUNIA	Patch Vendor Advisory
3	http://securityreason.com/securityalert/551	SREASON
4	http://www.securityfocus.com/archive/1/432591/100/0/threaded	BUGTRAQ
5	http://www.securityfocus.com/archive/1/432948/30/0/threaded	BUGTRAQ	Patch
6	http://www.securityfocus.com/bid/17837	BID	Patch
7	http://www.vupen.com/english/advisories/2006/1605	VUPEN
8	https://exchange.xforce.ibmcloud.com/vulnerabilities/26190	XF

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:invision_power_services:invision_power_board:2.0.0:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.1:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.3:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.4:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.x:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.0:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.1:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.3:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.4:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.5:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_alpha2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta3:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta4:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta5:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_rc1:::::::*