SQL injection vulnerability in the do_mmod function in mod.php in Invision Community Blog (ICB) 1.1.2 final through 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL commands via the selectedbids parameter.
CPE | Name | Operator | Version |
---|---|---|---|
invision_community_blog | eq | 1.1 | |
invision_community_blog | eq | 1.0 | |
invision_community_blog | eq | 1.1.2-final | |
invision_community_blog | eq | 1.2 |