Multiple SQL injection vulnerabilities in Invision Blog before 1.1.2 Final allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to an editentry, replyentry, or editcomment action, or (2) the mid parameter to an aboutme action.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=111833601302752&w=2 | |
http://secunia.com/advisories/15626 | |
http://www.gulftech.org/?node=research&article_id=00078-06072005 | Exploit Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2005-06-09 04:00
Updated : 2024-02-28 10:42
NVD link : CVE-2005-1946
Mitre link : CVE-2005-1946
CVE.ORG link : CVE-2005-1946
JSON object : View
Products Affected
invision_power_services
- invision_community_blog
CWE