2.5.5Standard

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

viart-ltd

NVD

Published: 2006-06-12

Updated: 2024-11-21

Summary

SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute arbitrary SQL commands via unknown vectors, probably involving the forum_id parameter.

Vulnerable Configurations

Part	Description	Count
Application	Viart_Ltd Viart LTD Viart Shop Free 2.5.5_Enterprise Viart LTD Viart Shop Free 2.5.5_Light Viart LTD Viart Shop Free 2.5.5_Standard	3

References

http://www.attrition.org/pipermail/vim/2006-June/000846.html
http://www.attrition.org/pipermail/vim/2006-June/000846.html
http://www.codetosell.com/downloads/xss_fix.zip
http://www.codetosell.com/downloads/xss_fix.zip
https://exchange.xforce.ibmcloud.com/vulnerabilities/27684
https://exchange.xforce.ibmcloud.com/vulnerabilities/27684