7.5

CVE-2006-2980

EPSS 0.49%
Veröffentlicht 12.06.2006 22:02:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute arbitrary SQL commands via unknown vectors, probably involving the forum_id parameter.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Viart Ltd ≫ Viart Shop Free Version2.5.5_enterprise

Viart Ltd ≫ Viart Shop Free Version2.5.5_light

Viart Ltd ≫ Viart Shop Free Version2.5.5_standard

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.49%	0.644

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.attrition.org/pipermail/vim/2006-June/000846.html

http://www.codetosell.com/downloads/xss_fix.zip

URL Repurposed

https://exchange.xforce.ibmcloud.com/vulnerabilities/27684

https://nvd.nist.gov/vuln/detail/CVE-2006-2980

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-2980

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-2980

EUVD