Unrated severityNVD Advisory· Published Dec 7, 2006· Updated Apr 23, 2026

CVE-2006-6369

Description

SQL injection vulnerability in lib/entry_reply_entry.php in Invision Community Blog Mod 1.2.4 allows remote attackers to execute arbitrary SQL commands via the eid parameter, when accessed through the "Preview message" functionality.

Affected products

Invision Power Services/Invision Community Blog
cpe:2.3:a:invision_power_services:invision_community_blog:1.2.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

forums.invisionpower.com/index.phpnvdPatch
www.securityfocus.com/archive/1/453126/100/100/threadednvd
www.securityfocus.com/archive/1/453159/100/100/threadednvd
www.vupen.com/english/advisories/2006/4820nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000