CVE Vulnerabilities

CVE-2006-2251

Published: May 09, 2006 | Modified: Jul 20, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.4 MEDIUM
AV:N/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in the do_mmod function in mod.php in Invision Community Blog (ICB) 1.1.2 final through 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL commands via the selectedbids parameter.

Affected Software

Name Vendor Start Version End Version
Invision_community_blog Invision_power_services 1.0 1.0
Invision_community_blog Invision_power_services 1.1 1.1
Invision_community_blog Invision_power_services 1.1.2_final 1.1.2_final
Invision_community_blog Invision_power_services 1.2 1.2

References