CVE-2004-1519
Description
SQL injection in phpBugTracker 0.9.1's bug.php allows attackers to execute arbitrary SQL commands via the bug_id or project parameters.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
phpBugTracker version 0.9.1 contains a SQL injection vulnerability in bug.php. The bug_id parameter, when used in the viewvotes operation, and the project parameter, when used in the add operation, are not properly sanitized before being included in SQL queries [1][2][3]. This allows an attacker to inject arbitrary SQL commands into the database query.
Exploitation
An attacker can exploit this vulnerability by crafting a malicious HTTP request to bug.php with a specially crafted bug_id or project parameter. No authentication or special privileges are required, as these parameters are user-controllable inputs [1][2]. The requests can be sent remotely over HTTP.
Impact
Successful exploitation could allow an attacker to manipulate SQL queries to retrieve data they should not have access to, such as user passwords [1]. The attacker could also potentially modify or delete database content, leading to information disclosure or partial compromise of the application's data integrity.
Mitigation
A fix for this vulnerability has not been identified in the available references [1][2][3]. Users of phpBugTracker should monitor the project's website for updates or consider migrating to a supported alternative if the project is no longer maintained. As of 2004-12-31, no patched version has been released.
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <=0.9.1
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"The application fails to properly sanitize user-supplied input in SQL queries, allowing for arbitrary SQL command execution."
Attack vector
Remote attackers can exploit this vulnerability by sending crafted requests to the application. For the `viewvotes` operation, the `bug_id` parameter is vulnerable, and for the `add` operation, the `project` parameter is susceptible to SQL injection [ref_id=2]. The advisory also notes similar SQL injection vulnerabilities in other modules like `severity.php`, `priority.php`, `os.php`, `database.php`, and `site.php` [ref_id=1]. These injections allow attackers to manipulate SQL queries to extract sensitive data or execute arbitrary commands.
Affected code
The vulnerability exists in `bug.php` within the `vote_view` function, specifically where the `bug_id` parameter is directly incorporated into a SQL query without proper sanitization [ref_id=2]. Additionally, the `project` parameter in the `add` operation of `bug.php` is also affected [ref_id=1].
What the fix does
The advisory indicates that updating to version 1.7.0 provides a fix for these vulnerabilities [ref_id=1]. While the specific code changes are not detailed in the provided text, the fix likely involves implementing proper input sanitization or using parameterized queries to prevent malicious SQL code from being executed.
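An added illustration of the pattern the advisory describes, not phpBugTracker's own code (it assumes PDO, the table names `bug_vote` and `project`, and the shape of the `vote_view` lookup): the concatenated `bug_id` query that makes the `viewvotes` operation injectable, next to a hardened version that validates the parameter as an integer and binds it, with the same treatment applied to the `project` parameter of the add operation.

```php
<?php
// Hypothetical reconstruction for illustration; table and column names are assumed.

// Before: the request parameter is spliced straight into the SQL text, so the
// database parses whatever the client sent as part of the statement.
function vote_view_unsafe(PDO $db, array $get): array
{
    $bug_id = $get['bug_id'] ?? '';            // attacker-controlled string
    $sql = "SELECT user_id, vote FROM bug_vote WHERE bug_id = $bug_id";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// After: reject anything that is not a positive integer, then pass the value
// as a bound parameter so it can never be interpreted as SQL.
function vote_view_safe(PDO $db, array $get): array
{
    $bug_id = filter_var($get['bug_id'] ?? null, FILTER_VALIDATE_INT,
                         ['options' => ['min_range' => 1]]);
    if ($bug_id === false) {
        throw new InvalidArgumentException('bug_id must be a positive integer');
    }
    $stmt = $db->prepare('SELECT user_id, vote FROM bug_vote WHERE bug_id = :bug_id');
    $stmt->bindValue(':bug_id', $bug_id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// The `project` parameter of the add operation gets the same two-step
// treatment: type validation first, parameter binding second.
function project_exists_safe(PDO $db, $project): bool
{
    $project_id = filter_var($project, FILTER_VALIDATE_INT,
                             ['options' => ['min_range' => 1]]);
    if ($project_id === false) {
        return false;                          // invalid input never reaches the database
    }
    $stmt = $db->prepare('SELECT 1 FROM project WHERE project_id = :id LIMIT 1');
    $stmt->bindValue(':id', $project_id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchColumn() !== false;
}
```

Enabling `PDO::ATTR_EMULATE_PREPARES => false` on the connection makes the driver send real server-side prepared statements rather than client-side escaping.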
Preconditions
- Input: the `bug_id` parameter for the `viewvotes` operation or the `project` parameter for the `add` operation.
Generated on Jun 3, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References (6)
News mentions
No linked articles in our index yet.