Remote SQL Injection Vulnerability in Invision Power Board (IPB) 2.0.3 and Earlier

Remote SQL Injection Vulnerability in Invision Power Board (IPB) 2.0.3 and Earlier

CVE-2005-1598 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted cookie password hash (pass_hash) that modifies the internal $pid variable.

Learn more about our Internal Network Penetration Testing.