Cross-Site Scripting Vulnerabilities in VirtueMart by Joomla!
CVE-2006-5096

Currently unrated

Key Information:

Vendor: Virtuemart
Status: Virtuemart Joomla Ecommerrce Edition Cms
Vendor: CVE Published:; 29 September 2006

What is CVE-2006-5096?

Multiple cross-site scripting (XSS) vulnerabilities can be found in the index.php file of VirtueMart Joomla! eCommerce Edition. These issues arise from the improper handling of the Itemid parameter during two actions: com_contact and subscribe. This allows remote attackers to inject arbitrary web scripts or HTML, posing significant security threats to affected web applications.

References

http://secunia.com/advisories/22162

third-party-advisoryx_refsource_SECUNIA

http://securityreason.com/securityalert/1657

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/447168/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 29, 2006
Vulnerability Reserved
Sep 29, 2006

JSON

Virtuemart

What is CVE-2006-5096?

References

Timeline