SQL injection vulnerability in the do_mmod function in mod.php in Invision Community Blog (ICB) 1.1.2 final through 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL commands via the selectedbids parameter.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:10
Type | Values Removed | Values Added |
---|---|---|
References | () http://archives.neohapsis.com/archives/bugtraq/2006-05/0142.html - Patch | |
References | () http://forums.invisionpower.com/index.php?showtopic=214248&view=getnewpost - Patch | |
References | () http://secunia.com/advisories/19973 - Patch, Vendor Advisory | |
References | () http://www.osvdb.org/25252 - | |
References | () http://www.securityfocus.com/archive/1/433076 - Patch | |
References | () http://www.securityfocus.com/bid/17851 - Exploit, Patch | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/26290 - |
Information
Published : 2006-05-09 10:02
Updated : 2024-11-21 00:10
NVD link : CVE-2006-2251
Mitre link : CVE-2006-2251
CVE.ORG link : CVE-2006-2251
JSON object : View
Products Affected
invision_power_services
- invision_community_blog
CWE