CVE-2006-5847

6.1 MEDIUM

Published: November 10, 2006 Modified: April 23, 2026

Description

Cross-site scripting (XSS) vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://marc.info/?l=bugtraq&m=116303405916694&w=2

Source: cve@mitre.org

Mailing List

http://secunia.com/advisories/22786

Source: cve@mitre.org

Permissions Required Third Party Advisory

http://securitytracker.com/id?1017200

Source: cve@mitre.org

Third Party Advisory VDB Entry

http://www.freewebshop.org/?id=27

Source: cve@mitre.org

Not Applicable

http://www.freewebshop.org/?id=28

Source: cve@mitre.org

Patch Vendor Advisory

http://www.securityfocus.com/bid/20969

Source: cve@mitre.org

Exploit Vendor Advisory

http://www.vupen.com/english/advisories/2006/4420

Source: cve@mitre.org

Not Applicable

https://exchange.xforce.ibmcloud.com/vulnerabilities/30126

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=116303405916694&w=2