Invision Power Board is Web forum software. It is implemented in PHP and is available for Unix and Linux variants and Microsoft Windows operating systems. Invision Power Board is reported prone to a SQL injection vulnerability in its 'ssi.php' script. Due to improper filtering of user-supplied data, 'ssi.php' is exploitable by attackers to pass SQL statements to the underlying database. It is reported that the 'f' URI parameter to the script is converted into '$sql_fields' and is then passed directly to a SQL query. The impact of this vulnerability depends on the underlying database. It may be possible to corrupt/read sensitive data, execute commands/procedures on the database server, or possibly exploit vulnerabilities in the database itself through this condition. Version 1.3.1 Final of Invision Power Board is reported vulnerable. Other versions may also be affected as well. *** There have been conflicting reports stating the the vulnerable variable only accepts integer values and not arbitrary strings. This BID will be updated as more information is made available.
Invision Power Board V1 3 1 Final 27 - DOWNLOAD. Invision Power Board V1 3 1 Final 27 - DOWNLOAD. The Restaurant. May 27, 2006 Besides being full of security holes, there are a couple of other downsides to using IPB 1.3: Because it's so old and no longer supported, you will have a.