Invision Power Board 'unserialize()' PHP Code Execution

Summary
Invision Power Board is prone to a PHP Code Execution vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to inject and execute arbitrary malicious PHP code in the context of the affected application. This may facilitate a compromise of the application and the underlying system other attacks are also possible.
Solution
The vendor has released a patch to address this vulnerability.
References