PT-2005-5066 · Bitweaver · Bitweaver

Filipino Filipiciu · Published 2005-12-20 · Updated 2017-07-20 · CVE-2005-4380

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Bitweaver versions 1.1 through 1.1.1 beta

Description: The issue allows remote attackers to execute arbitrary SQL commands due to multiple SQL injection vulnerabilities. This is possible via several parameters, including the sort_mode parameter to endpoints such as "fisheye/list_galleries.php", "messages/message_box.php", and "users/my.php"; the post_id parameter to "blogs/view_post.php"; and the blog_id parameter to "blogs/view.php". These parameters are not properly cleansed by the convert_sortmode function in "kernel/BitDb.php".

Recommendations: For Bitweaver versions 1.1 through 1.1.1 beta, consider disabling the convert_sortmode function in "kernel/BitDb.php" until a patch is available to properly cleanse the sort_mode, post_id, and blog_id parameters. Restrict access to the affected endpoints, including "fisheye/list_galleries.php", "messages/message_box.php", "users/my.php", "blogs/view_post.php", and "blogs/view.php", to minimize the risk of exploitation. Avoid using the sort_mode, post_id, and blog_id parameters in the affected API endpoints until the issue is resolved.
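
As an added illustration of what "properly cleansed" means for these three parameters (this is not Bitweaver's code or its patch): a sort mode is mapped to an ORDER BY fragment through a column allowlist, and numeric ids are accepted only as positive integers. The function names, the column list and the assumed `<column>_asc` / `<column>_desc` sort-mode format are hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical helper, not Bitweaver's convert_sortmode(): turns a
// request-supplied sort mode into an ORDER BY fragment using an allowlist.
// Assumption: sort modes look like "<column>_asc" or "<column>_desc".
function safe_sort_mode(string $sortMode, array $allowedColumns, string $default): string
{
    // Split the direction suffix from the column name; anything else is rejected.
    if (!preg_match('/\A([a-z][a-z0-9_]*)_(asc|desc)\z/', $sortMode, $m)) {
        return $default;
    }
    [, $column, $direction] = $m;

    // Identifiers cannot be bound as query parameters, so only columns
    // the caller explicitly lists may reach the SQL text.
    if (!in_array($column, $allowedColumns, true)) {
        return $default;
    }
    return $column . ' ' . strtoupper($direction);
}

// Hypothetical helper for numeric ids such as post_id and blog_id:
// accept only a positive decimal integer (up to 9 digits), otherwise null.
function safe_id($raw): ?int
{
    if (!is_string($raw) || !preg_match('/\A[1-9][0-9]{0,8}\z/', $raw)) {
        return null;
    }
    return (int) $raw;
}

// Constructed sample inputs (not taken from the advisory).
$allowed = ['created', 'title', 'hits'];
$samples = ['created_desc', 'title_asc', 'title_asc; --', 'password_desc', 'created'];
foreach ($samples as $s) {
    printf("%-16s => ORDER BY %s\n", $s, safe_sort_mode($s, $allowed, 'created DESC'));
}
foreach (['42', '42 OR 1=1', '-1', ''] as $id) {
    printf("%-16s => %s\n", var_export($id, true), var_export(safe_id($id), true));
}
```

A validated id should still be passed to the query as a bound parameter rather than concatenated into the SQL string.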

Exploit

Fix

RCE

SQL injection


Weakness Enumeration

Related Identifiers

CVE-2005-4380

Affected Products

Bitweaver