CVE-2005-3395 in Invision Gallery
Summary
by MITRE
SQL injection vulnerability in Invision Gallery 2.0.3 allows remote attackers to execute arbitrary SQL commands via the st parameter.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 07/28/2025
The vulnerability identified as CVE-2005-3395 represents a critical SQL injection flaw discovered in Invision Gallery version 2.0.3, a popular web-based photo gallery application. This vulnerability exposes the application to remote code execution risks through improper input validation mechanisms. The specific weakness occurs within the st parameter handling functionality, which fails to adequately sanitize user-supplied data before incorporating it into database queries. This oversight creates a pathway for malicious actors to manipulate the underlying database operations and potentially gain unauthorized access to sensitive information or system resources.
The technical exploitation of this vulnerability follows a classic SQL injection pattern where attackers can manipulate the st parameter to inject malicious SQL code into the application's database layer. When the application processes this parameter without proper sanitization, the injected commands execute within the database context, allowing attackers to perform unauthorized operations such as data retrieval, modification, or deletion. The vulnerability specifically affects the application's query construction logic, where user input directly influences the SQL statement structure without appropriate escaping or parameterization techniques. This flaw aligns with CWE-89, which categorizes SQL injection vulnerabilities as weaknesses in software that allows attackers to manipulate database queries through untrusted input.
From an operational perspective, this vulnerability presents significant risks to organizations utilizing Invision Gallery 2.0.3, as it enables remote attackers to execute arbitrary commands on the database server. Successful exploitation could result in complete data compromise, unauthorized access to user accounts, and potential system compromise. The attack surface is particularly concerning because it requires no authentication to exploit, making it accessible to any remote attacker. The vulnerability also impacts data integrity and availability, as malicious actors could modify or delete critical gallery information, user credentials, or system configurations. Organizations relying on this application face potential regulatory compliance violations and reputational damage from data breaches.
Security practitioners should implement immediate mitigations including input validation, parameterized queries, and proper output encoding to prevent SQL injection attacks. The recommended approach involves applying the vendor's official patch or upgrade to a supported version that addresses this vulnerability. Additionally, implementing web application firewalls and database activity monitoring can provide additional layers of protection. According to ATT&CK framework, this vulnerability maps to T1190 - Exploit Public-Facing Application, where adversaries leverage known vulnerabilities in web applications to gain unauthorized access. Organizations should also conduct thorough security assessments to identify similar vulnerabilities in other applications and implement comprehensive input validation across all database interactions to prevent similar issues in the future.