6.4
CVE-2006-2251
- EPSS 0.5%
- Published 09.05.2006 10:02:00
- Last modified 03.04.2025 01:03:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
SQL injection vulnerability in the do_mmod function in mod.php in Invision Community Blog (ICB) 1.1.2 final through 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL commands via the selectedbids parameter.
Data is provided by the National Vulnerability Database (NVD)
Invision Power Services ≫ Invision Community Blog Version1.0
Invision Power Services ≫ Invision Community Blog Version1.1
Invision Power Services ≫ Invision Community Blog Version1.1.2_final
Invision Power Services ≫ Invision Community Blog Version1.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.5% | 0.65 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:P/I:P/A:N
|