CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-5847

MEDIUM
6.1
CVSS Severity Score
EPSS Score0.1590%
EPSS Percentile5.60th
Published2006年11月10日
Last Modified2026年4月23日

Vulnerability Description

Cross-site scripting (XSS) vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter.

Affected Platforms (CPE)

📦
Freewebshop

Freewebshop

<= 2.2.2

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=116303405916694&w=2
🔗 http://secunia.com/advisories/22786
🔗 http://securitytracker.com/id?1017200
🔗 http://www.freewebshop.org/?id=27
🔗 http://www.freewebshop.org/?id=28
🔗 http://www.securityfocus.com/bid/20969
🔗 http://www.vupen.com/english/advisories/2006/4420
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/30126

関連する脆弱性情報

CVE-2007-05317.5

PHP remote file inclusion vulnerability in includes/login.php in FreeWebShop 2.2.3 and 2.2.4 before 20070123 allows remote attacke...

CVE-2007-64667.5

Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote attackers to execute arbitrary SQL commands ...

CVE-2006-57727.5

Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 and earlier allow remote attackers to execute arbitrary S...

CVE-2006-58466.4

Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to read and include arbitr...