CVE Vulnerabilities

CVE-2006-6369

Published: Dec 07, 2006 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in lib/entry_reply_entry.php in Invision Community Blog Mod 1.2.4 allows remote attackers to execute arbitrary SQL commands via the eid parameter, when accessed through the Preview message functionality.

Affected Software

Name Vendor Start Version End Version
Invision_community_blog Invision_power_services 1.2.4 (including) 1.2.4 (including)

References