CVE-2006-2251

2006-05-0910:00:00

mitre

www.cve.org

8.3 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.5%

JSON

SQL injection vulnerability in the do_mmod function in mod.php in Invision Community Blog (ICB) 1.1.2 final through 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL commands via the selectedbids parameter.

References

archives.neohapsis.com/archives/bugtraq/2006-05/0142.html

forums.invisionpower.com/index.php?showtopic=214248&view=getnewpost

secunia.com/advisories/19973

www.osvdb.org/25252

www.securityfocus.com/archive/1/433076

www.securityfocus.com/bid/17851

exchange.xforce.ibmcloud.com/vulnerabilities/26290