Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:PHP:INVISION-IPS-COMM
Severity	Major
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	IPS Community Suite Autoloaded PHP Code Injection Vulnerability
Release Date	2016/07/26
Update Number	2762
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: IPS Community Suite Autoloaded PHP Code Injection Vulnerability

This signature detects attempts to exploit a known vulnerability against IPS Community Suite. A successful attack can lead to arbitrary code execution.

Extended Description

applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arbitrary code via the content_class parameter.

Affected Products

Invisioncommunity invision_power_board 4.1.12.3
Php php 5.4.23
Php php 5.5.0
Php php 5.5.1
Php php 5.5.2
Php php 5.5.3
Php php 5.5.4
Php php 5.5.5
Php php 5.5.6
Php php 5.5.7

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: IPS Community Suite Autoloaded PHP Code Injection Vulnerability

Extended Description

Affected Products

References