CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Viart: >> Shop >> 2.5.5_free Security Vulnerabilities

CVE-2006-2979

Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, allow remote attackers to inject arbitrary web script or HTML via the (1) forum_id parameter in forum.php, which is not properly handled in block_forum_topics.php, and (2) item_id parameter in reviews.php, which is not properly handled in block_reviews.php.

CVSS Score

2.6

EPSS Score

0.006

Published

2006-06-12

Page 1

Vulnerabilities

Vulnerable Software

Viart: >> Shop >> 2.5.5_free Security Vulnerabilities

Products

Pricing

Contact Us