Invision Power Board 3 Multiple Vuln

vendor:

Invision Power Board

by:

LordTittiS

7,5

CVSS

HIGH

Full Path Disclosure

200

CWE

Product Name: Invision Power Board

Affected Version From: 3.x.x

Affected Version To: 3.x.x

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

Invision Power Board 3 Multiple Vuln

The vulnerability is in the file search.php, the variable search_app is vulnerable. An attacker can exploit this to find out the rootpath of website or for Blind SQLi attack.

Mitigation:

Input validation should be done to prevent attackers from exploiting this vulnerability.

Source

Exploit-DB raw data:

# ============================================================
# Exploit Title: Invision Power Board 3 Multiple Vuln
# Date: 13/11/2010# Author: LordTittiS
# Greetings To: God_Of_Pain, System_Overide
# Software Link: http://www.invisionpower.com/
# Vulnerability Type: Full Path Disclosure# Version: 3.x.x (All 3 Version)
# ===========================================================  
-Vulnerability Details:
The vulnerability is in the file search.php, the variable search_app is vulnerable.An attacker can exploit this to find out the rootpath of website or for Blind SQLi attack.

-Google Dork: inurl:index.php?app=core 
-Example:http://server/index.php?app=core&module=search§ion=search&do=quick_search&search_app[]=