CVE-2008-7205

Published: Sep 11, 2009Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Unspecified vulnerability in the product view functionality in VirtueMart 1.0.13a and earlier allows remote attackers to read arbitrary files via vectors related to a template file.

Affected (9)

Products: Virtuemart: Virtuemart

1 product

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Virtuemart Virtuemart	Up to 1.0.13a
Virtuemart Virtuemart	Version 1.0.0
Virtuemart Virtuemart	Version 1.0.10
Virtuemart Virtuemart	Version 1.0.11
Virtuemart Virtuemart	Version 1.0.12
Virtuemart Virtuemart	Version 1.0.7
Virtuemart Virtuemart	Version 1.0.8
Virtuemart Virtuemart	Version 1.0.9
Virtuemart Virtuemart	Version 1.1

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://osvdb.org/41761

Source: cve@mitre.org

http://secunia.com/advisories/28722

Source: cve@mitre.org

Vendor Advisory

http://virtuemart.net/index.php?option=com_content&task=view&id=275&Itemid=127

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/27532

Source: cve@mitre.org

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/40114

Source: cve@mitre.org

http://osvdb.org/41761

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/28722

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://virtuemart.net/index.php?option=com_content&task=view&id=275&Itemid=127

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/27532

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/40114

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.