CVE-2006-5096

EPSS 2.1%

Multiple cross-site scripting (XSS) vulnerabilities in index.php in VirtueMart (formerly known as mambo-phpShop) Joomla! eCommerce Edition CMS 1.0.11, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the Itemid parameter in a (1) com_contact or (2) subscribe action.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/28719unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/22162 http://securityreason.com/securityalert/1657 https://exchange.xforce.ibmcloud.com/vulnerabilities/29207 http://www.securityfocus.com/archive/1/447168/100/0/threaded http://www.securityfocus.com/bid/20236 http://www.vupen.com/english/advisories/2006/3848