Vulnerabilities > CVE-2006-5096 - Input Validation vulnerability in VirtueMart Joomla ECommerce Edition

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

virtuemart

exploit available

NVD

Published: 2006-09-29

Updated: 2018-10-17

Summary

Multiple cross-site scripting (XSS) vulnerabilities in index.php in VirtueMart (formerly known as mambo-phpShop) Joomla! eCommerce Edition CMS 1.0.11, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the Itemid parameter in a (1) com_contact or (2) subscribe action.

Vulnerable Configurations

Part	Description	Count
Application	Virtuemart Virtuemart Virtuemart Joomla Ecommerrce Edition CMS *	1

Exploit-Db

description	VirtueMart Joomla ECommerce Edition 1.0.11 Multiple Input Validation Vulnerabilities. CVE-2006-5096. Webapps exploit for php platform
id	EDB-ID:28719
last seen	2016-02-03
modified	2006-09-27
published	2006-09-27
reporter	Adrian Castro
source	https://www.exploit-db.com/download/28719/
title	VirtueMart Joomla ECommerce Edition 1.0.11 - Multiple Input Validation Vulnerabilities

Summary

Vulnerable Configurations

Exploit-Db

References