|Title:||Invision PowerBoard code injection|
It is possible to make the remote host include php files hosted
on a third party server using Invision Power Board.
An attacker may use this flaw to inject arbitrary code in the remote
host and gain a shell with the privileges of the web server.
Solution : At this time, the vendor did not supply any patch
See also : http://www.frog-man.org/tutos/InvisionPowerBoard.txt (french)
Risk factor : High
BugTraq ID: 6976|
BugTraq ID: 7204
|Copyright||This script is Copyright (C) 2003 Renaud Deraison|
|This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.