EUVD-2006-2977

Malware in sbrugna...

CVE-2007-6347

PHP remote file inclusion vulnerability in blocks/blocksitemap.php in ViArt 1 CMS 3.3.2, 2 HelpDesk 3.3.2, 3 Shop Evaluation 3.3.2, and 4 Shop Free 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the rootfolderpath parameter. NOTE: some of these details are obtained from...

CVE-2007-6347

CVE-2007-6347 describes a PHP remote file inclusion in blocks/block_site_map.php affecting ViArt CMS/HelpDesk/Shop Evaluation/Shop Free 3.3.2. The flaw allows an attacker to execute arbitrary PHP code by supplying a URL in the root_folder_path parameter. Documented impact is remote code execution...

CVE-2006-2980

SQL injection vulnerability in blockforumtopicnew.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute arbitrary SQL commands via unknown vectors, probably involving the forumid parameter...

CVE-2006-2979

Multiple cross-site scripting XSS vulnerabilities in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, allow remote attackers to inject arbitrary web script or HTML via the 1 forumid parameter in forum.php, which is not properly handled in...

CVE-2006-2979

CVE-2006-2979 affects ViArt Shop Free 2.5.5 (and related distributions). The issue is due to cross-site scripting (XSS) via two parameters: the forum_id parameter in forum.php (not properly handled in block_forum_topics.php) and the item_id parameter in reviews.php (not properly handled in block_...

CVE-2006-2980

SQL injection vulnerability in blockforumtopicnew.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute arbitrary SQL commands via unknown vectors, probably involving the forumid parameter...