CVE-2005-2542 | Vulnerability Database | Aqua Security

Invision Power Board (IPB) 1.0.3 allows remote attackers to inject arbitrary web script or HTML via an attachment, which is automatically downloaded and processed as HTML.

Affected Software

Name	Vendor	Start Version	End Version
Invision_board	Invision_power_services	2.0 (including)	2.0 (including)
Invision_board	Invision_power_services	2.0.1 (including)	2.0.1 (including)
Invision_board	Invision_power_services	2.0.2 (including)	2.0.2 (including)
Invision_board	Invision_power_services	2.0.3 (including)	2.0.3 (including)
Invision_board	Invision_power_services	2.0.4 (including)	2.0.4 (including)
Invision_board	Invision_power_services	2.0_alpha_3 (including)	2.0_alpha_3 (including)
Invision_board	Invision_power_services	2.0_pdr3 (including)	2.0_pdr3 (including)
Invision_board	Invision_power_services	2.0_pf1 (including)	2.0_pf1 (including)
Invision_board	Invision_power_services	2.0_pf2 (including)	2.0_pf2 (including)
Invision_board	Invision_power_services	2.1_alpha2 (including)	2.1_alpha2 (including)

References

http://marc.info/?l=bugtraq\u0026m=112327712614854\u0026w=2
http://secunia.com/advisories/16348
http://www.securityfocus.com/bid/14492

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-2542
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html