Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2006-2979 | First vendor Publication | 2006-06-12 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:H/Au:N/C:N/I:P/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 2.6 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | High |
| Cvss Expoit Score | 4.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, allow remote attackers to inject arbitrary web script or HTML via the (1) forum_id parameter in forum.php, which is not properly handled in block_forum_topics.php, and (2) item_id parameter in reviews.php, which is not properly handled in block_reviews.php. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2979 |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 26271 | ViArt Shop Free reviews.php item_id Parameter XSS |
| 26270 | ViArt Shop Free forum.php forum_id Parameter XSS |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:20:17 |
|
| 2024-11-28 12:09:11 |
|
| 2024-02-14 13:28:28 |
|
| 2021-05-04 12:04:09 |
|
| 2021-04-22 01:04:45 |
|
| 2020-05-23 00:17:56 |
|
| 2018-10-18 21:20:11 |
|
| 2017-07-20 09:23:40 |
|
| 2016-04-26 14:44:26 |
|
| 2013-05-11 11:00:11 |
|
