Unrated severityNVD Advisory· Published Mar 2, 2007· Updated Apr 23, 2026
CVE-2006-7071
CVE-2006-7071
Description
SQL injection vulnerability in classes/class_session.php in Invision Power Board (IPB) 2.1 up to 2.1.6 allows remote attackers to execute arbitrary SQL commands via the CLIENT_IP parameter.
Affected products
6cpe:2.3:a:invision_power_services:invision_power_board:2.1.1:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:invision_power_services:invision_power_board:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_power_board:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_power_board:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_power_board:2.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_power_board:2.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_power_board:2.1.6:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- secunia.com/advisories/21072nvdPatchVendor Advisory
- archives.neohapsis.com/archives/bugtraq/2006-07/0249.htmlnvdExploitPatch
- rst.void.ru/download/r57ipb216gui.txtnvdExploit
- securityreason.com/securityalert/2325nvd
- www.vupen.com/english/advisories/2006/2810nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/27753nvd
- www.exploit-db.com/exploits/2010nvd
News mentions
0No linked articles in our index yet.