Vulnerabilities > CVE-2006-5915 - Input Validation vulnerability in Samedia LandShop LS.PHP

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
samedia
exploit available
NVD
Published: 2006-11-15
Updated: 2018-10-17

Summary

Multiple cross-site scripting (XSS) vulnerabilities in ls.php in SAMEDIA LandShop allow remote attackers to inject arbitrary web script or HTML via the (1) start, (2) CAT_ID, (3) keyword, (4) search_area, (5) search_type, (6) infield, or (7) search_order parameter.

Vulnerable Configurations

Part Description Count
Application
Samedia
1

Exploit-Db

descriptionLandShop 0.6.3 ls.php Multiple Parameter XSS. CVE-2006-5915. Webapps exploit for php platform
idEDB-ID:28950
last seen2016-02-03
modified2006-11-09
published2006-11-09
reporterlaurent gaffie
sourcehttps://www.exploit-db.com/download/28950/
titleLandShop 0.6.3 ls.php Multiple Parameter XSS

References