Unspecified vulnerability in sources/action_public/xmlout.php in Invision Power Board (IPB or IP.Board) 2.2.0 through 2.2.2 allows remote attackers to modify another users profile data, such as an AIM screen name or Yahoo! identity.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Invision_power_board | Invision_power_services | 2.2 (including) | 2.2 (including) |
| Invision_power_board | Invision_power_services | 2.2.1 (including) | 2.2.1 (including) |
| Invision_power_board | Invision_power_services | 2.2.2 (including) | 2.2.2 (including) |
References
- http://forums.invisionpower.com/index.php?showtopic=235316
- http://secunia.com/advisories/25637
- http://www.osvdb.org/35436
- http://www.securityfocus.com/bid/24442
- http://www.vupen.com/english/advisories/2007/2160
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34841
- http://forums.invisionpower.com/index.php?showtopic=235316
- http://secunia.com/advisories/25637
- http://www.osvdb.org/35436
- http://www.securityfocus.com/bid/24442
- http://www.vupen.com/english/advisories/2007/2160
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34841