Unrated severityNVD Advisory· Published May 9, 2006· Updated Jun 16, 2026
CVE-2006-2251
CVE-2006-2251
Description
SQL injection vulnerability in the do_mmod function in mod.php in Invision Community Blog (ICB) 1.1.2 final through 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL commands via the selectedbids parameter.
Affected products
5cpe:2.3:a:invision_power_services:invision_community_blog:1.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:invision_power_services:invision_community_blog:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_community_blog:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_community_blog:1.1.2_final:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_community_blog:1.2:*:*:*:*:*:*:*
- (no CPE)range: 1.1.2 final through 1.2
Patches
Vulnerability mechanics
References
7- archives.neohapsis.com/archives/bugtraq/2006-05/0142.htmlnvdPatch
- forums.invisionpower.com/index.phpnvdPatch
- secunia.com/advisories/19973nvdPatchVendor Advisory
- www.securityfocus.com/archive/1/433076nvdPatch
- www.securityfocus.com/bid/17851nvdExploitPatch
- www.osvdb.org/25252nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/26290nvd
News mentions
0No linked articles in our index yet.