2 matches found
CVE-2006-2979
Multiple cross-site scripting XSS vulnerabilities in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, allow remote attackers to inject arbitrary web script or HTML via the 1 forumid parameter in forum.php, which is not properly handled in...
CVE-2006-2979
CVE-2006-2979 affects ViArt Shop Free 2.5.5 (and related distributions). The issue is due to cross-site scripting (XSS) via two parameters: the forum_id parameter in forum.php (not properly handled in block_forum_topics.php) and the item_id parameter in reviews.php (not properly handled in block_...