Unrated severityNVD Advisory· Published Oct 5, 2006· Updated Apr 23, 2026

CVE-2006-5164

Description

Multiple cross-site scripting (XSS) vulnerabilities in cart.php in Sum Effect Software digiSHOP 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) sortBy or (2) search parameters.

Affected products

Sum Effect Software/Digishop
cpe:2.3:a:sum_effect_software:digishop:4.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/20297nvdExploit
secunia.com/advisories/22086nvdVendor Advisory
securityreason.com/securityalert/1687nvd
www.securityfocus.com/archive/1/447506/100/0/threadednvd
www.vupen.com/english/advisories/2006/3889nvd
exchange.xforce.ibmcloud.com/vulnerabilities/29309nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000