CyberSec.Space Logo
Back to CVE Browser

CVE-2006-5847

MEDIUM
6.1
CVSS Severity Score
EPSS Score0.1590%
EPSS Percentile5.60th
PublishedNov 10, 2006
Last ModifiedApr 23, 2026

Vulnerability Description

Cross-site scripting (XSS) vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter.

Affected Platforms (CPE)

πŸ“¦
Freewebshop

Freewebshop

<= 2.2.2

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=116303405916694&w=2
πŸ”— http://secunia.com/advisories/22786
πŸ”— http://securitytracker.com/id?1017200
πŸ”— http://www.freewebshop.org/?id=27
πŸ”— http://www.freewebshop.org/?id=28
πŸ”— http://www.securityfocus.com/bid/20969
πŸ”— http://www.vupen.com/english/advisories/2006/4420
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/30126

Related Vulnerabilities

CVE-2007-05317.5

PHP remote file inclusion vulnerability in includes/login.php in FreeWebShop 2.2.3 and 2.2.4 before 20070123 allows remote attacke...

CVE-2007-64667.5

Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote attackers to execute arbitrary SQL commands ...

CVE-2006-57727.5

Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 and earlier allow remote attackers to execute arbitrary S...

CVE-2006-58466.4

Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to read and include arbitr...