CVE-2005-3549

Published: Nov 16, 2005Modified: Apr 16, 2026

6.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability: 8.0 / Impact: 6.4

Source: NVD

Description

Direct code injection vulnerability in Task Manager in Invision Power Board 2.0.1 allows limited remote attackers to execute arbitrary code by referencing the file in "Task PHP File To Run" field and selecting "Run Task Now".

Affected (1)

Products: Invision Power Services: Invision Board

Invision Power Services

1 product

Invision Board

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Invision Power Services Invision Board	Version 2.0.1

References (6)

http://secunia.com/advisories/17443

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/archive/1/415798/30/0/threaded

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/40003

Source: cve@mitre.org

http://secunia.com/advisories/17443

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/archive/1/415798/30/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/40003

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.