CVE-2005-1070

Published: Apr 11, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

SQL injection vulnerability in index.php in Invision Power Board 1.3.1 Final and earlier allows remote attackers to execute arbitrary SQL commands via the st parameter.

Affected (8)

Products: Invision Power Services: Invision Board

Invision Power Services

1 product

Invision Board

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Invision Power Services Invision Board	Version 1.0.1
Invision Power Services Invision Board	Version 1.0
Invision Power Services Invision Board	Version 1.1.1
Invision Power Services Invision Board	Version 1.1.2
Invision Power Services Invision Board	Version 1.2
Invision Power Services Invision Board	Version 1.3.1_final
Invision Power Services Invision Board	Version 1.3
Invision Power Services Invision Board	Version 1.3_final