CVE-2004-1835
published 2004-12-31CVE-2004-1835: Multiple SQL injection vulnerabilities in index.php in Invision Gallery 1.0.1 allow remote attackers to execute arbitrary SQL via the (1) img, (2) cat, (3)…
PriorityP339high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
4.93%
91.0th percentile
Multiple SQL injection vulnerabilities in index.php in Invision Gallery 1.0.1 allow remote attackers to execute arbitrary SQL via the (1) img, (2) cat, (3) sort_key, (4) order_key, (5) user, or (6) album parameters.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| invision_power_services | invision_gallery | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Invision Power Services Invision Gallery 1.0.1 - Multiple SQL Injections
exploitdb·2004-03-23
CVE-2004-1835 Invision Power Services Invision Gallery 1.0.1 - Multiple SQL Injections
Invision Power Services Invision Gallery 1.0.1 - Multiple SQL Injections
---
source: https://www.securityfocus.com/bid/9944/info
It has been reported that Invision Gallery may be prone to multiple sql injection vulnerabilities, allowing an attacker to influence SQL query logic. The issues exist due to insufficient sanitization of user-supplied data via the 'img', 'cat', 'sort_key', 'order_key', 'user' and 'album' parameters of the gallery module accessed via the 'index.php' script.
Invision Gallery is a gallery system that can be used as a plugin for Invision Power Board. Invision Gallery 1.0.1 is reported to be prone to these issues, however, other versions could be affected as well.
index.php?act=module&module=gallery&cmd=si&img=[SQL]
index.php?act=module&module=gallery&cmd=editimg&
Exploit-DB
Invision Gallery < 1.0.1 - SQL Injection
exploitdb·2004-03-21·CVSS 7.5
CVE-2004-1835 [HIGH] Invision Gallery < 1.0.1 - SQL Injection
Invision Gallery < 1.0.1 - SQL Injection
---
Invision Power Top Site List SQL Injection
Vendor: Invision Power Services
Product: Invision Power Top Site List
Version: <= 1.1 RC 2
Website: http://www.invisiontsl.com/
BID: 9945
Description:
Invision Power Top Site List is a flexible site ranking script written in PHP, the popular programming choice for web developers. Featuring an impressive feature set with a user-friendly interface your community will feel at home using the system.
SQL Injection Vulnerability:
Invision Power Top Site List is prone to an SQL Injection vuln in its "comment" feature. This issue is very much exploitable as the injection happens right in the middle of a WHERE statement. Lets have a look at an example error message to get a better idea of what is going on.
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=107997906500032&w=2http://secunia.com/advisories/11194http://securitytracker.com/id?1009512http://www.osvdb.org/4472http://www.securityfocus.com/bid/9944https://exchange.xforce.ibmcloud.com/vulnerabilities/15566http://marc.info/?l=bugtraq&m=107997906500032&w=2http://secunia.com/advisories/11194http://securitytracker.com/id?1009512http://www.osvdb.org/4472http://www.securityfocus.com/bid/9944https://exchange.xforce.ibmcloud.com/vulnerabilities/15566
2004-12-31
Published