SQL injection vulnerability in the do_mmod function in mod.php in Invision Community Blog (ICB) 1.1.2 final up to and including 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL commands via the selectedbids parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
invision power services invision community blog 1.0 |
||
invision power services invision community blog 1.1 |
||
invision power services invision community blog 1.1.2_final |
||
invision power services invision community blog 1.2 |