Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cubecart cubecart vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-20716
CubeCart prior to 6.1.13 has SQL Injection via the validate[] parameter of the "I forgot my Password!" feature.
Cubecart Cubecart
7.5
CVSSv2
CVE-2013-1465
The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 up to and including 5.2.0 allows remote malicious users to unserialize arbitrary PHP objects via a crafted shipping parameter, as demonstrated by modifying the application configuration using the Config ...
Cubecart Cubecart
1 EDB exploit
7.5
CVSSv2
CVE-2010-4903
SQL injection vulnerability in index.php in CubeCart 4.3.3 allows remote malicious users to execute arbitrary SQL commands via the searchStr parameter.
Cubecart Cubecart 4.3.3
7.5
CVSSv2
CVE-2010-1931
SQL injection vulnerability in includes/content/cart.inc.php in CubeCart PHP Shopping cart 4.3.4 up to and including 4.3.9 allows remote malicious users to execute arbitrary SQL commands via the shipKey parameter to index.php.
Cubecart Cubecart 4.3.4
Cubecart Cubecart 4.3.5
Cubecart Cubecart 4.3.6
Cubecart Cubecart 4.3.9
Cubecart Cubecart 4.3.7
Cubecart Cubecart 4.3.8
1 EDB exploit
7.5
CVSSv2
CVE-2009-4060
SQL injection vulnerability in includes/content/viewProd.inc.php in CubeCart prior to 4.3.7 remote malicious users to execute arbitrary SQL commands via the productId parameter.
Cubecart Cubecart 3.0.5
Cubecart Cubecart 3.0.6
Cubecart Cubecart 3.0.13
Cubecart Cubecart 3.0.14
Cubecart Cubecart 4.0.0
Cubecart Cubecart 4.1.1
Cubecart Cubecart 4.2.1
Cubecart Cubecart 4.3.5
Cubecart Cubecart
Cubecart Cubecart 3.0.7
Cubecart Cubecart 3.0.8
Cubecart Cubecart 3.0.15
Cubecart Cubecart 3.0.16
Cubecart Cubecart 4.0.1
Cubecart Cubecart 4.0.2
Cubecart Cubecart 4.2.2
Cubecart Cubecart 4.2.3
Cubecart Cubecart 4.3.4
Cubecart Cubecart 3.0.20
Cubecart Cubecart 3.0.0
Cubecart Cubecart 3.0.4
Cubecart Cubecart 3.0.11
1 EDB exploit
7.5
CVSSv2
CVE-2009-3904
classes/session/cc_admin_session.php in CubeCart 4.3.4 does not properly restrict administrative access permissions, which allows remote malicious users to bypass restrictions and gain administrative access via a HTTP request that contains an empty (1) sessID (ccAdmin cookie), (2...
Cubecart Cubecart 4.3.4
1 EDB exploit
7.5
CVSSv2
CVE-2007-2862
Multiple SQL injection vulnerabilities in CubeCart 3.0.16 might allow remote malicious users to execute arbitrary SQL commands via an unspecified parameter to cart.inc.php and certain other files in an include directory, related to missing sanitization of the $option variable and...
Devellion Cubecart 3.0.16
7.5
CVSSv2
CVE-2006-5107
Multiple SQL injection vulnerabilities in Devellion CubeCart 2.0.x allow remote malicious users to execute arbitrary SQL commands via (1) the user_name parameter in admin/forgot_pass.php, (2) the order_id parameter in view_order.php, (3) the view_doc parameter in view_doc.php, an...
Devellion Cubecart 2.0.4
Devellion Cubecart 2.0.5
Devellion Cubecart 2.0.2
Devellion Cubecart 2.0.3
Devellion Cubecart 2.0.6
Devellion Cubecart 2.0.0
Devellion Cubecart 2.0.1
4 EDB exploits
7.5
CVSSv2
CVE-2006-4526
SQL injection vulnerability in includes/content/viewCat.inc.php in CubeCart 3.0.12 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary SQL commands via the searchArray[] parameter.
Devellion Cubecart
7.5
CVSSv2
CVE-2006-4267
Multiple SQL injection vulnerabilities in CubeCart 3.0.11 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) oid parameter in modules/gateway/Protx/confirmed.php and the (2) x_invoice_num parameter in modules/gateway/Authorize/confirm...
Devellion Cubecart 3.0.7-pl1
Devellion Cubecart 3.0.6
Devellion Cubecart 3.0.7
Devellion Cubecart 3.0.3
Devellion Cubecart 3.0.4
Devellion Cubecart 3.0.11
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »