RSS   Podatności dla 'Ips community suite'   RSS

2021-01-08
 
CVE-2021-3025

CWE-89
 
 
Invision Community IPS Community Suite before 4.5.4.2 allows SQL Injection via the Downloads REST API (the sortDir parameter in a sortBy=popular action to the GETindex() method in applications/downloads/api/files.php).

 
2021-01-05
 
CVE-2021-3026

CWE-79
 
 
Invision Community IPS Community Suite before 4.5.4.2 allows XSS during the quoting of a post or comment.

 

 >>> Vendor: Invisioncommunity 3 Produkty
Invision power board
Community
Ips community suite

Copyright 2024, cxsecurity.com

 

Back to Top