CVE-2006-2980
CVE-2006-2980 is a high-severity vulnerability in Viart Ltd Viart Shop Free with a CVSS 2.0 base score of 7.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: High (CVSS 2.0 base score 7.5)
- EPSS exploit prediction: 1% (64th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Viart Ltd Viart Shop Free
- Published:
- Last modified:
Description
SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute arbitrary SQL commands via unknown vectors, probably involving the forum_id parameter.
Frequently asked questions
- What is CVE-2006-2980?
- SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute arbitrary SQL commands via unknown vectors, probably involving the forum_id parameter.
- How severe is CVE-2006-2980?
- CVE-2006-2980 has a CVSS 2.0 base score of 7.5, rated high severity.
- Is CVE-2006-2980 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (64th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2006-2980?
- CVE-2006-2980 primarily affects Viart Ltd Viart Shop Free. In total, 3 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2006-2980?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- When was CVE-2006-2980 published?
- CVE-2006-2980 was published on 2006-06-12 and last updated on 2026-06-16.
References
- http://www.attrition.org/pipermail/vim/2006-June/000846.html
- http://www.codetosell.com/downloads/xss_fix.zip
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27684
Affected products (3)
- cpe:2.3:a:viart_ltd:viart_shop_free:2.5.5_enterprise:*:*:*:*:*:*:*
- cpe:2.3:a:viart_ltd:viart_shop_free:2.5.5_light:*:*:*:*:*:*:*
- cpe:2.3:a:viart_ltd:viart_shop_free:2.5.5_standard:*:*:*:*:*:*:*