applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arbitrary code via the content_class parameter.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 02:55
Type | Values Removed | Values Added |
---|---|---|
References | () http://karmainsecurity.com/KIS-2016-11 - Exploit | |
References | () http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html - | |
References | () http://packetstormsecurity.com/files/137804/IPS-Community-Suite-4.1.12.3-PHP-Code-Injection.html - | |
References | () http://seclists.org/fulldisclosure/2016/Jul/19 - Exploit | |
References | () http://www.securityfocus.com/bid/91732 - | |
References | () https://invisionpower.com/release-notes/4113-r44/ - | |
References | () https://support.apple.com/HT207170 - | |
References | () https://www.exploit-db.com/exploits/40084/ - |
Information
Published : 2016-07-12 19:59
Updated : 2024-11-21 02:55
NVD link : CVE-2016-6174
Mitre link : CVE-2016-6174
CVE.ORG link : CVE-2016-6174
JSON object : View
Products Affected
php
- php
invisioncommunity
- invision_power_board
CWE