Short Name |
HTTP:PHP:INVISION-IPS-COMM |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
IPS Community Suite Autoloaded PHP Code Injection Vulnerability |
Release Date |
2016/07/26 |
Update Number |
2762 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against IPS Community Suite. A successful attack can lead to arbitrary code execution.
applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arbitrary code via the content_class parameter.