Summary
Invision Power Board is prone to a PHP Code Execution vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit these issues to inject and execute arbitrary malicious PHP code in the context of the affected application. This may facilitate a compromise of the application and the underlying system
other attacks are also possible.
Solution
The vendor has released a patch to address this vulnerability.
References