Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026
CVE-2004-1836
CVE-2004-1836
Description
SQL injection vulnerability in index.php in Invision Power Top Site List 1.1 RC 2 and earlier allows remote attackers to execute arbitrary SQL via the id parameter of the comments action.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:invision_power_services:invision_power_top_site_list:1.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:invision_power_services:invision_power_top_site_list:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_power_top_site_list:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:invision_power_services:invision_power_top_site_list:1.1_rc2:*:*:*:*:*:*:*
- Range: <= 1.1 RC 2
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.