Description: JeiAr has reported a vulnerability in Invision Power Board, which potentially can be exploited by malicious people to manipulate data through HTTP.
The problem is that the "sort_key" parameter isn't properly validated. This can potentially be used to manipulate SQL queries.
Invision Power Board 1.3 and prior as well as the latest alpha version have been reported vulnerable.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
