Loading
Generated remediation guidance and an executive summary. No account required.
SQL injection vulnerability in the IPS Connect service (interface/ipsconnect/ipsconnect.php) in Invision Power Board (aka IPB or IP.Board) 3.3.x and 3.4.x through 3.4.7 before 20141114 allows remote attackers to execute arbitrary SQL commands via the id[] parameter.
Use CWE-89, Invisioncommunity vendor hub and Invision Power Board product page to widen CVE-2014-9239 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2013-3725, CVE-2012-2226 and CVE-2017-8898 for nearby disclosures in the same product family.