CVE-2007-3219 | Vulnerability Database | Aqua Security

Unspecified vulnerability in sources/action_public/xmlout.php in Invision Power Board (IPB or IP.Board) 2.2.0 through 2.2.2 allows remote attackers to modify another users profile data, such as an AIM screen name or Yahoo! identity.

Affected Software

Name	Vendor	Start Version	End Version
Invision_power_board	Invision_power_services	2.2 (including)	2.2 (including)
Invision_power_board	Invision_power_services	2.2.1 (including)	2.2.1 (including)
Invision_power_board	Invision_power_services	2.2.2 (including)	2.2.2 (including)

References

http://forums.invisionpower.com/index.php?showtopic=235316
http://secunia.com/advisories/25637
http://www.osvdb.org/35436
http://www.securityfocus.com/bid/24442
http://www.vupen.com/english/advisories/2007/2160
https://exchange.xforce.ibmcloud.com/vulnerabilities/34841
http://forums.invisionpower.com/index.php?showtopic=235316
http://secunia.com/advisories/25637
http://www.osvdb.org/35436
http://www.securityfocus.com/bid/24442
http://www.vupen.com/english/advisories/2007/2160
https://exchange.xforce.ibmcloud.com/vulnerabilities/34841

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-3219
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html