| Field | Value |
|---|---|
| VID | 21691 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | A version of Invision Gallery older than 1.3.1 appears to be installed on the host. Invision Gallery is a photo gallery plug-in for Invision Power Board. Invision Gallery versions prior to 1.3.1 could allow a remote attacker to execute arbitrary SQL commands via the comment parameter in an editcomment action or the rating parameter when voting on a photo. This vulnerability could permit a remote attacker to pass malicious input to database queries, potentially resulting in data exposure, modification of the query logic, or even data modification or attacks against the database itself. References: http://www.gulftech.org/?node=research&article_id=00079-06092005 ; http://secunia.com/advisories/15660/ ; http://marc.theaimsgroup.com/?l=bugtraq&m=111834146710329&w=2 |
| Platforms Affected | Invision Power Services, Inc., Invision Gallery versions prior to 1.3.1; any operating system; any version |
| Recommendation | Upgrade to the latest version of Invision Gallery (1.3.1 or later), available from the Invision Gallery Pricing and Downloads Web site at http://www.invisiongallery.com/?pricing |
| Related URL | CVE-2005-1948 (CVE) |
| Related URL | 13907 (SecurityFocus) |
| Related URL | 20979 (ISS) |