SQL injection vulnerability in index.php in Invision Community Blog allows remote attackers to execute arbitrary SQL commands via the eid parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/18815
http://www.securityfocus.com/bid/12205
http://securitytracker.com/id?1012831