vendor:
Joomla eCommerce Edition
by:
SecurityFocus
7.5
CVSS
HIGH
Multiple Input Validation Vulnerabilities
20
CWE
Product Name: Joomla eCommerce Edition
Affected Version From: 1.0.11
Affected Version To: 1.0.11
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006
VirtueMart Joomla eCommerce Edition Multiple Input Validation Vulnerabilities
VirtueMart Joomla eCommerce Edition is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to execute arbitrary HTML and script code in the browser of a victim user in the context of the affected website. This may allow the attacker to steal cookie-based authentication credentials, to control how the site is rendered to the user, and to launch other attacks.
Mitigation:
Input validation should be used to ensure that untrusted data is not allowed to enter the system. All input data should be validated and filtered for malicious content.
