NVD脆弱性詳細

CVE-2006-2204

概要	SQL injection vulnerability in the topic deletion functionality (post_delete function in func_mod.php) for Invision Power Board 2.1.5 allows remote authenticated moderators to execute arbitrary SQL commands via the selectedpids parameter, which bypasses an integer value check when the $id variable is an array.
公表日	2006年5月5日21:46
登録日	2021年1月29日15:36
最終更新日	2018年10月19日1:38

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:invision_power_services:invision_power_board:2.0.0:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.1:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.3:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.4:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.x:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.0:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.1:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.3:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.4:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.5:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_alpha2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta3:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta4:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta5:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_rc1:::::::*

構成1	以上	以下	より上	未満
cpe:2.3:a:invision_power_services:invision_power_board:2.0.0:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.1:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.3:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.4:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.0.x:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.0:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.1:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.3:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.4:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1.5:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_alpha2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta2:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta3:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta4:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta5:::::::*
cpe:2.3:a:invision_power_services:invision_power_board:2.1_rc1:::::::*

No	URL	refsource	タグ
1	http://forums.invisionpower.com/index.php?showtopic=214248&view=getnewpo	CONFIRM	Patch
2	http://secunia.com/advisories/19901	SECUNIA	Patch Vendor Advisory
3	http://securityreason.com/securityalert/551	SREASON
4	http://www.securityfocus.com/archive/1/432591/100/0/threaded	BUGTRAQ
5	http://www.securityfocus.com/archive/1/432948/30/0/threaded	BUGTRAQ	Patch
6	http://www.securityfocus.com/bid/17837	BID	Patch
7	http://www.vupen.com/english/advisories/2006/1605	VUPEN
8	https://exchange.xforce.ibmcloud.com/vulnerabilities/26190	XF