RSS   Vulnerabilities for 'Ips community suite'   RSS

2021-01-08
 
CVE-2021-3025

CWE-89
 

 
Invision Community IPS Community Suite before 4.5.4.2 allows SQL Injection via the Downloads REST API (the sortDir parameter in a sortBy=popular action to the GETindex() method in applications/downloads/api/files.php).

 
2021-01-05
 
CVE-2021-3026

CWE-79
 

 
Invision Community IPS Community Suite before 4.5.4.2 allows XSS during the quoting of a post or comment.

 

 >>> Vendor: Invisioncommunity 3 Products
Invision power board
Community
Ips community suite


Copyright 2024, cxsecurity.com

 

Back to Top