CVEブラウザに戻る

CVE-2006-5096

MEDIUM

6.8

CVSS Severity Score

EPSS Score0.0700%

EPSS Percentile41.63th

Published2006年9月29日

Last Modified2026年4月23日

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in index.php in VirtueMart (formerly known as mambo-phpShop) Joomla! eCommerce Edition CMS 1.0.11, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the Itemid parameter in a (1) com_contact or (2) subscribe action.

Affected Platforms (CPE)

📦

Virtuemart

Virtuemart Joomla Ecommerrce Edition Cms

<= 1.0.11

References & Advisories

🔗 http://secunia.com/advisories/22162

🔗 http://securityreason.com/securityalert/1657

🔗 http://www.securityfocus.com/archive/1/447168/100/0/threaded

🔗 http://www.securityfocus.com/bid/20236

🔗 http://www.vupen.com/english/advisories/2006/3848

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/29207

🔗 http://secunia.com/advisories/22162

🔗 http://securityreason.com/securityalert/1657

関連する脆弱性情報

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...

CVE-2026-487237.8

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36...