Vulnerabilities > CVE-2006-6945 - Unspecified vulnerability in Virtuemart 1.0.7
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
SQL injection vulnerability in Virtuemart 1.0.7 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to (1) Itemid, (2) product_id, and category_id parameters as handled in virtuemart_parser.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/151672/joomlavirtuemart341-sql.txt |
id | PACKETSTORM:151672 |
last seen | 2019-02-14 |
published | 2019-02-14 |
reporter | KingSkrupellos |
source | https://packetstormsecurity.com/files/151672/Joomla-VirtueMart-3.4.1-SQL-Injection.html |
title | Joomla VirtueMart 3.4.1 SQL Injection |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html
- http://www.hackers.ir/advisories/festival.txt
- http://www.securityfocus.com/bid/22123
- http://secunia.com/advisories/24058
- http://www.securityfocus.com/archive/1/459195/100/0/threaded
- http://virtuemart.svn.sourceforge.net/viewvc/%2Acheckout%2A/virtuemart/branches/virtuemart-1_0_0/virtuemart/CHANGELOG.php?revision=607