Invision Community before 4.7.16 allow SQL injection via the applications/nexus/modules/front/store/store.php IPS\nexus\modules\front\store\_store::_categoryView() method, where user input passed through the filter request parameter is not properly sanitized before being used to execute SQL queries. This can be exploited by unauthenticated attackers to carry out Blind SQL Injection attacks.
The vulnerability is located in the file applications/nexus/modules/front/store/store.php, specifically in the _categoryView() method of the IPS\nexus\modules\front\store\_store class. User data passed via the 'filter' request parameter is not properly sanitized before being used to construct SQL queries. An unauthenticated attacker can send crafted parameter values, thereby executing Blind SQL Injection attacks — gradually reading database contents by analyzing application responses.
An unauthenticated attacker can gain unauthorized access to data stored in the database (including user data, passwords, transaction information), and potentially also modify or delete data, threatening the confidentiality, integrity, and availability of the system.
Invision Community should be updated to version 4.7.16 or newer. Release information is available in the official vendor release notes at: https://invisioncommunity.com/release-notes/4716-r128/
Invision Community (IPS) in all versions before 4.7.16 with the active Nexus store module.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HInvisioncommunity
APPInvisioncommunity4.4.0 – 4.7.16 (bez)
Related vulnerabilities
RCE w Invision Community 5 — wstrzyknięcie kodu przez themeeditor.php
A Server-Side Request Forgery (SSRF) vulnerability in IPS Community Suite before 4.6.2 allows remote authentic...
Invision Power Board (IPB) through 3.x allows admin account takeover leading to code execution.
Invision Power Board before 3.3.1 fails to sanitize user-supplied input which could allow remote attackers to ...
Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has stored XSS in the Announcements, allowi...