Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2980


Vulnerability Score 7.5 7.5
CVE Id CVE-2006-2980
Last Modified 05 Sep 2008 05:05:56
Published 12 Jun 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute arbitrary SQL commands via unknown vectors, probably involving the forum_id parameter.

Vulnerable Systems


  • Viart Ltd Viart Shop Free 2.5.5 Enterprise

  • Viart Ltd Viart Shop Free 2.5.5 Light

  • Viart Ltd Viart Shop Free 2.5.5 Standard


XF - viart-blockforumtopicnew-sql-injection(27684)


VIM - 20060612 verify of ViArt Shop Free 2.5.5 issue (diff digging)

Last Updated: 27 May 2016 10:42:50