Known Vulnerabilities for products from Virtuemart
Listed below are 14 of the newest known vulnerabilities associated with the vendor "Virtuemart".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-54362 json | Not Provided | 2026-04-09 | 2026-04-09 | |
| CVE-2018-7465 json | An XSS issue was discovered in VirtueMart before 3.2.14. All the textareas in the backend of the plugin can be closed by simp... | 5.4 - MEDIUM | 2018-04-26 | 2018-06-06 |
| CVE-2016-10379 json | The VirtueMart com_virtuemart component 3.0.14 for Joomla! allows SQL injection by remote authenticated administrators via th... | 7.2 - HIGH | 2017-05-29 | 2017-06-08 |
| CVE-2015-3619 json | Cross-site scripting (XSS) vulnerability in assets/js/vm2admin.js in the VirtueMart component before 3.0.8 for Joomla! allows... | 5.4 - MEDIUM | 2018-02-06 | 2018-02-26 |
| CVE-2009-4430 json | SQL injection vulnerability in index.php in VirtueMart 1.0 allows remote attackers to execute arbitrary SQL commands via the ... | 7.5 - HIGH | 2009-12-28 | 2009-12-29 |
| CVE-2008-7205 json | Unspecified vulnerability in the product view functionality in VirtueMart 1.0.13a and earlier allows remote attackers to read... | 4.3 - MEDIUM | 2009-09-11 | 2017-08-17 |
| CVE-2008-7204 json | Cross-site request forgery (CSRF) vulnerability in VirtueMart 1.0.13a and earlier allows remote attackers to hijack the authe... | 6.8 - MEDIUM | 2009-09-11 | 2017-08-17 |
| CVE-2007-5563 json | Unspecified vulnerability in VirtueMart before 1.0.13 allows remote attackers to execute arbitrary PHP code via unspecified v... | 7.5 - HIGH | 2007-10-18 | 2008-11-15 |
| CVE-2007-3247 json | SQL injection vulnerability in VirtueMart before 1.0.11 allows remote attackers to execute arbitrary SQL commands via unspeci... | 6.8 - MEDIUM | 2007-06-18 | 2017-07-29 |
| CVE-2007-1361 json | Cross-site scripting (XSS) vulnerability in virtuemart_parser.php in VirtueMart before 20070213 allows remote attackers to in... | 4.3 - MEDIUM | 2007-03-08 | 2011-03-08 |
| CVE-2007-1096 json | Cross-site scripting (XSS) vulnerability in ps_cart.php in VirtueMart before 20070116 allows remote attackers to inject arbit... | 6.8 - MEDIUM | 2007-02-26 | 2023-11-07 |
| CVE-2007-0376 json | Cross-site scripting (XSS) vulnerability in Virtuemart 1.0.7 allows remote attackers to inject arbitrary web script or HTML v... | 6.8 - MEDIUM | 2007-01-19 | 2023-11-07 |
| CVE-2006-6945 json | SQL injection vulnerability in Virtuemart 1.0.7 allows remote attackers to execute arbitrary SQL commands via unspecified vec... | 7.5 - HIGH | 2007-01-19 | 2023-11-07 |
| CVE-2006-5096 json | Multiple cross-site scripting (XSS) vulnerabilities in index.php in VirtueMart (formerly known as mambo-phpShop) Joomla! eCom... | 6.8 - MEDIUM | 2006-09-29 | 2018-10-17 |
| CVE-2005-4829 json | VirtueMart before 1.0.1 does not properly handle errors when a user is forbidden to read a requested page, which has unknown ... | Not Provided | 2005-12-31 | 2025-04-03 |
Known software with vulnerabilities from Virtuemart
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Virtuemart | Virtuemart | 1.0.15 |