Invision Community Vulnerabilities Risk E-Commerce Websites

A security researcher spotted numerous vulnerabilities in the Invision Community software that risked the corresponding e-commerce websites. While the vendors patched one of the two flaws, the other still remains a zero-day despite public disclosure.

Multiple Vulnerabilities Risks Invision Community Websites

Invision Community software vulnerabilities could allow hacking the vulnerable websites, which even include some major brands. According to the researcher Egidio Romano, some of the Invision Community websites include popular names like Evernote, Sony, Corsair, Mattel, LEGO, and more.

As described in his post, Romano discovered a blind SQL injection vulnerability that existed in the Invision Community software for roughly five years. It was introduced in the tool with version 4.4.0, released in February 2019, and remained unnoticed until Romano reported the flaw.

Specifically, this vulnerability affected the /applications/nexus/modules/front/store/store.php script, and could allow unauthenticated requests due to improper input sanitization. An attacker could exploit the flaw to execute time-based or error-based blind SQL attacks, reset passwords (because the app stores password reset keys in the database in plaintext), and gain admin access to the AdminCP for remote code execution.

Following Romano’s report via SSD disclosure, the vendors patched this flaw, CVE-2024-30163, with version 4.7.16, acknowledging the researcher.

While that seems fine, another vulnerability still risks the software security as it remains unpatched. According to Romano, another security flaw, CVE-2024-30162, also affects the latest software version, 4.7.16, indicating the vulnerability of Invision Community websites.

Specifically, this vulnerability existed in the /applications/core/modules/admin/editor/toolbar.php script, and an attacker could exploit the flaw to execute arbitrary PHP codes by uploading maliciously crafted ZIP files. However, exploiting this flaw requires an Administrator account with “toolbar_manage” permission.

This isn’t the first such discovery from Romano, as the researcher has previously disclosed numerous security issues affecting websites’ security. His last discovery was a critical phpFox vulnerability that threatened several social networks. At that time too, it took a while for the vendors to address the matter.

Let us know your thoughts in the comments.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients