Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:virtuemart:virtuemart:1.1.4:*:*:*:*:joomla\!:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-7465 |
An XSS issue was discovered in VirtueMart before 3.2.14. All the textareas in the backend of the plugin can be closed by simply adding </textarea> to the value and saving the product/config. By editing back the product/config, the editor's browser will execute everything after the </textarea>, leading to a possible XSS. Published: April 26, 2018; 3:29:00 PM -0400 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2015-3619 |
Cross-site scripting (XSS) vulnerability in assets/js/vm2admin.js in the VirtueMart component before 3.0.8 for Joomla! allows remote attackers to inject arbitrary web script or HTML via vectors involving a "double encode combination of first_name, last_name and company." Published: February 06, 2018; 11:29:00 AM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |