Unrated severityNVD Advisory· Published May 16, 2005· Updated Apr 16, 2026
CVE-2005-1598
CVE-2005-1598
Description
SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted cookie password hash (pass_hash) that modifies the internal $pid variable.
Affected products
9cpe:2.3:a:invision_power_services:invision_board:1.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:invision_power_services:invision_board:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_board:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_board:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_board:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_board:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_board:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_board:2.0_alpha_3:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_board:2.0_pdr3:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_power_board:2.0.3:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- forums.invisionpower.com/index.phpnvdPatch
- www.gulftech.orgnvdExploitPatch
- marc.infonvd
- marc.infonvd
- secunia.com/advisories/15265nvd
- securitytracker.com/idnvd
- securitytracker.com/idnvd
- www.osvdb.org/16297nvd
- www.securiteam.com/exploits/5GP0E2KFQQ.htmlnvd
- www.securityfocus.com/bid/13529nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/20446nvd
- www.exploit-db.com/exploits/1013nvd
News mentions
0No linked articles in our index yet.