Bugtraq ID: 20236
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Sep 27 2006 12:00AM
Updated: Sep 28 2006 05:26PM
Credit: Adrian Castro is credited with the discovery of these vulnerabilities.
Vulnerable: VirtueMart Joomla eCommerce Edition 1.0.11
VirtueMart Joomla eCommerce Edition is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input.
An attacker can exploit these issues to execute arbitrary HTML and script code in the browser of a victim user in the context of the affected website. This may allow the attacker to steal cookie-based authentication credentials, to control how the site is rendered to the user, and to launch other attacks.
VirtueMart Joomla eCommerce Edition version 1.0.11 is vulnerable; earlier versions may also be vulnerable.
http://www.securityfocus.com/bid/20236/info
Login
Register
Rules
FAQ
The team
