CVE-2024-30163

{"id": "CVE-2024-30163", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-06-07T17:15:50.267", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Apr/20", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://invisioncommunity.com/release-notes/4716-r128/", "tags": ["Release Notes"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2024/Apr/20", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://invisioncommunity.com/release-notes/4716-r128/", "tags": ["Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "Invision Community before 4.7.16 allow SQL injection via the applications/nexus/modules/front/store/store.php IPS\\nexus\\modules\\front\\store\\_store::_categoryView() method, where user input passed through the filter request parameter is not properly sanitized before being used to execute SQL queries. This can be exploited by unauthenticated attackers to carry out Blind SQL Injection attacks."}, {"lang": "es", "value": "Invision Community antes de 4.7.16 permite la inyecci\u00f3n de SQL a trav\u00e9s del m\u00e9todo apps/nexus/modules/front/store/store.php IPS\\nexus\\modules\\front\\store\\_store::_categoryView(), donde la entrada del usuario pasaba a trav\u00e9s de la solicitud de filtro el par\u00e1metro no se sanitiza adecuadamente antes de usarse para ejecutar consultas SQL. Esto puede ser aprovechado por atacantes no autenticados para llevar a cabo ataques de inyecci\u00f3n SQL ciega."}], "lastModified": "2024-11-21T09:11:20.520", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:invisioncommunity:invisioncommunity:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F612BBD3-CA37-4707-B0B0-E25CF25694FE", "versionEndExcluding": "4.7.16", "versionStartIncluding": "4.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}