Vulnerabilities > CVE-2006-5096 - Unspecified vulnerability in Virtuemart Joomla Ecommerrce Edition CMS
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN virtuemart
exploit available
Summary
Multiple cross-site scripting (XSS) vulnerabilities in index.php in VirtueMart (formerly known as mambo-phpShop) Joomla! eCommerce Edition CMS 1.0.11, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the Itemid parameter in a (1) com_contact or (2) subscribe action.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | VirtueMart Joomla ECommerce Edition 1.0.11 Multiple Input Validation Vulnerabilities. CVE-2006-5096. Webapps exploit for php platform |
| id | EDB-ID:28719 |
| last seen | 2016-02-03 |
| modified | 2006-09-27 |
| published | 2006-09-27 |
| reporter | Adrian Castro |
| source | https://www.exploit-db.com/download/28719/ |
| title | VirtueMart Joomla ECommerce Edition 1.0.11 - Multiple Input Validation Vulnerabilities |
References
- http://secunia.com/advisories/22162
- http://secunia.com/advisories/22162
- http://securityreason.com/securityalert/1657
- http://securityreason.com/securityalert/1657
- http://www.securityfocus.com/archive/1/447168/100/0/threaded
- http://www.securityfocus.com/archive/1/447168/100/0/threaded
- http://www.securityfocus.com/bid/20236
- http://www.securityfocus.com/bid/20236
- http://www.vupen.com/english/advisories/2006/3848
- http://www.vupen.com/english/advisories/2006/3848
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29207
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29207