CVE-2006-5203

{"id": "CVE-2006-5203", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": true}]}, "published": "2006-10-10T04:06:00.000", "references": [{"url": "http://www.securityfocus.com/archive/1/447710/100/0/threaded", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29352", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Invision Power Board (IPB) 2.1.7 and earlier allows remote restricted administrators to inject arbitrary web script or HTML, or execute arbitrary SQL commands, via a forum description that contains a crafted image with PHP code, which is executed when the user visits the \"Manage Forums\" link in the Admin control panel."}, {"lang": "es", "value": "Invision Power Board (IPB) 2.1.7 y anteriores permite a un administrador remoto restringido inyectar secuencias de comandos web o HTML de su elecci\u00f3n, o ejecutar comandos SQL de su elecci\u00f3n, a trav\u00e9s de una descripci\u00f3n del foro que contenga una imagen artesanal con c\u00f3digo PHP, lo cual es esjecutado cuando el usuario visita \"Mange Forum\" enlazando en el panel de control de Admin."}], "lastModified": "2018-10-17T21:41:39.157", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F69B5D71-781A-4FDF-A5AB-0CE8AE6BBDBC", "versionEndIncluding": "2.1.7"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19CF6BD7-04F2-4D69-8402-EC4B637EA083"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F0C566E-2AC5-47A2-9246-2FBC87828690"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B83740E-6C38-4BEB-84A2-6B0F01799DCE"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29692429-A920-4BAD-9D79-D36EBE74EFB5"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D52AB16-A202-48B6-82C0-AD13EBCC7FCA"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C498DCB3-3CC7-4334-BF61-F5DA43F4B90F"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99A7875E-DAF0-46CD-AE30-246EB3FC6BB7"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.3.1_final:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2103FBA-1B72-43FC-A1ED-28F8C7DA0EE4"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:1.3_final:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94FBF21B-CF52-41BB-BAF1-AF822586D28B"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9AF155D-BDF6-4B5F-89BF-62CDE6FB48DA"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "615FFE8F-1EDA-4CE2-BC6F-E7348DAE37E1"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19B001F3-8A6E-423D-9382-AA696D193F08"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CDDB243-B03B-4DFE-9234-FD886EA80C50"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7139AE38-8E5D-4D1D-A126-9CD10CE13E2C"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E24336F-BD4C-4596-8FFE-9D53AB802BB1"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0.x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE478AB9-7ED4-4FDD-8990-CC4442CFA416"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0_alpha3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14F5777B-25A8-4D20-AD24-A639E315582F"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0_pdr3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FF0C787-BDC5-4154-809A-864DA3D4769D"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0_pf1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23A69133-FF5A-457E-823F-64920A0DB9F7"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.0_pf2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23C37B74-6486-46A2-AC2C-C27786ED697E"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C63DDA0-9B4C-4D3E-9633-82C330753ABA"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB960ACC-74D4-4AFB-886C-11EB5180DFD2"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1BA6316-7E7E-4A6B-AA54-1846198D64BC"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA70C944-F70E-49F4-AA9C-D19148925C0F"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CAF5259-D99A-45A1-8DD4-C6858B302272"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67ED0140-7137-4F8D-AEA1-53251D4D4273"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75723F84-9989-4195-9827-E3A6DF2ABA6A"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.5_2006-03-08:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED5116FA-C532-42DF-ABBD-193AD7B799A6"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8BC2011-5D19-4AF2-BCCD-38A03D0175FC"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1_alpha2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "232885C1-B578-4E6E-8472-FF47A17DF976"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19FFFBC9-F6F0-421C-BD8A-6F2F81C4E62F"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CB7078D-61D2-4ED9-AC8E-2D4F350F0716"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7EC2800F-3A8C-4B63-B754-D921DFF79496"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5C8BA41-7876-4738-A68A-2162E28A3AB2"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_power_board:2.1_rc1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18BF761A-6459-42B0-BCB8-F735FBDD6139"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org", "evaluatorSolution": "The following requirements must be met for this attack to take place:\r\n- The database table prefix must be known\r\n- The admin must have access to the SQL Toolbox (any \"root admin\")\r\n- The admin must have images and referers turned on in their browser, and their browser must follow Location headers (default behaviour for most browsers)\r\n- The admin must view a malicious script as an image in their browser"}