SQL injection vulnerability in classes/class_session.php in Invision Power Board (IPB) 2.1 up to 2.1.6 allows remote attackers to execute arbitrary SQL commands via the CLIENT_IP parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Invision_power_board | Invision_power_services | 2.1.1 | 2.1.1 |
Invision_power_board | Invision_power_services | 2.1.6 | 2.1.6 |
Invision_power_board | Invision_power_services | 2.1.2 | 2.1.2 |
Invision_power_board | Invision_power_services | 2.1.3 | 2.1.3 |
Invision_power_board | Invision_power_services | 2.1.5 | 2.1.5 |
Invision_power_board | Invision_power_services | 2.1.4 | 2.1.4 |