VULHUB ™

Invision Community Blog is reported prone to SQL injection attacks. User-supplied input supplied through the 'eid' URI parameter is used in a database query without sufficient sanitization. An attacker may leverage this issue to manipulate SQL query strings and potentially carry out arbitrary database queries. This may facilitate the disclosure or corruption of sensitive database information. All versions of Invision Community Blog are considered vulnerable to this issue.

Invision Community Blog is reported prone to SQL injection attacks. User-supplied input supplied through the 'eid' URI parameter is used in a database query without sufficient sanitization. An attacker may leverage this issue to manipulate SQL query strings and potentially carry out arbitrary database queries. This may facilitate the disclosure or corruption of sensitive database information. All versions of Invision Community Blog are considered vulnerable to this issue.