CyberSec.Space Logo
Back to CVE Browser

CVE-2006-5096

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.0700%
EPSS Percentile41.63th
PublishedSep 29, 2006
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in index.php in VirtueMart (formerly known as mambo-phpShop) Joomla! eCommerce Edition CMS 1.0.11, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the Itemid parameter in a (1) com_contact or (2) subscribe action.

Affected Platforms (CPE)

πŸ“¦
Virtuemart

Virtuemart Joomla Ecommerrce Edition Cms

<= 1.0.11

References & Advisories

πŸ”— http://secunia.com/advisories/22162
πŸ”— http://securityreason.com/securityalert/1657
πŸ”— http://www.securityfocus.com/archive/1/447168/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/20236
πŸ”— http://www.vupen.com/english/advisories/2006/3848
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/29207
πŸ”— http://secunia.com/advisories/22162
πŸ”— http://securityreason.com/securityalert/1657

Related Vulnerabilities

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...

CVE-2026-487237.8

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36...