CVE-2004-1785 — HIGH severity vulnerability (SQL injection vulnerability in calendar.php for Invision Pow)
SQL injection vulnerability in calendar.php for Invision Power Board 1.3 allows remote attackers to execute arbitrary SQL commands via the m parameter, which sets the $this->chosen_month variable.
| CVE ID | CVE-2004-1785 |
|---|---|
| Severity | HIGH |
| CVSS score | 7.5 |
| CVSS vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2004-01-03 |
| Last modified | 2026-04-16 |
| Description | SQL injection vulnerability in calendar.php for Invision Power Board 1.3 allows remote attackers to execute arbitrary SQL commands via the m parameter, which sets the $this->chosen_month variable. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →