Vulnerabilities > Invision Power Services > Invision Community Blog > 1.2.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-12-07 | CVE-2006-6369 | SQL-Injection vulnerability in Invision Power Services Invision Community Blog 1.2.4 SQL injection vulnerability in lib/entry_reply_entry.php in Invision Community Blog Mod 1.2.4 allows remote attackers to execute arbitrary SQL commands via the eid parameter, when accessed through the "Preview message" functionality. | 7.5 |