Vulnerabilities > CVE-2004-1835 - Unspecified vulnerability in Invision Power Services Invision Gallery 1.0.1

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
invision-power-services
exploit available
NVD
Published: 2004-12-31
Updated: 2024-11-20

Summary

Multiple SQL injection vulnerabilities in index.php in Invision Gallery 1.0.1 allow remote attackers to execute arbitrary SQL via the (1) img, (2) cat, (3) sort_key, (4) order_key, (5) user, or (6) album parameters.

Vulnerable Configurations

Part Description Count
Application
Invision_Power_Services
1

Exploit-Db

  • descriptionInvision Power Services Invision Gallery 1.0.1 Multiple SQL Injection Vulnerabilities. CVE-2004-1835. Webapps exploit for php platform
    idEDB-ID:23867
    last seen2016-02-02
    modified2004-03-23
    published2004-03-23
    reporterJeiAr
    sourcehttps://www.exploit-db.com/download/23867/
    titleInvision Power Services Invision Gallery 1.0.1 - Multiple SQL Injection Vulnerabilities
  • descriptionInvision Gallery < 1.0.1 - SQL Injection. CVE-2004-1835. Webapps exploit for PHP platform
    idEDB-ID:43807
    last seen2018-01-24
    modified2004-03-21
    published2004-03-21
    reporterExploit-DB
    sourcehttps://www.exploit-db.com/download/43807/
    titleInvision Gallery < 1.0.1 - SQL Injection

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/119235/invisiongallery-sql.txt
idPACKETSTORM:119235
last seen2016-12-05
published2004-03-28
reporterJames Bercegay
sourcehttps://packetstormsecurity.com/files/119235/Invision-Gallery-1.0.1-SQL-Injection.html
titleInvision Gallery 1.0.1 SQL Injection

References