Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
devellion cubecart 2.0.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0606
Cross-site scripting (XSS) vulnerability in settings.inc.php for CubeCart 2.0.0 up to and including 2.0.5, as used in multiple PHP files, allows remote malicious users to inject arbitrary HTML or web script via the (1) cat_id, (2) PHPSESSID, (3) view_doc, (4) product, (5) session...
Devellion Cubecart 2.0.3
Devellion Cubecart 2.0.1
Devellion Cubecart 2.0.2
Devellion Cubecart 2.0.0
Devellion Cubecart 2.0.5
1 EDB exploit
NA
CVE-2005-0607
CubeCart 2.0.0 up to and including 2.0.5 allows remote malicious users to determine the full path of the server via direct calls without parameters to (1) information.php, (2) language.php, (3) list_docs.php, (4) popular_prod.php, (5) sale.php, (6) subfooter.inc.php, (7) subheade...
Devellion Cubecart 2.0.3
Devellion Cubecart 2.0.1
Devellion Cubecart 2.0.2
Devellion Cubecart 2.0.5
Devellion Cubecart 2.0.0
NA
CVE-2006-5107
Multiple SQL injection vulnerabilities in Devellion CubeCart 2.0.x allow remote malicious users to execute arbitrary SQL commands via (1) the user_name parameter in admin/forgot_pass.php, (2) the order_id parameter in view_order.php, (3) the view_doc parameter in view_doc.php, an...
Devellion Cubecart 2.0.4
Devellion Cubecart 2.0.5
Devellion Cubecart 2.0.2
Devellion Cubecart 2.0.3
Devellion Cubecart 2.0.6
Devellion Cubecart 2.0.0
Devellion Cubecart 2.0.1
4 EDB exploits
NA
CVE-2006-5109
Devellion CubeCart 2.0.x allows remote malicious users to obtain sensitive information via a direct request for (1) link_navi.php or (2) spotlight.php, which reveals the path in various error messages. NOTE: the information.php, language.php, list_docs.php, popular_prod.php, sale...
Devellion Cubecart 2.0.5
Devellion Cubecart 2.0.6
Devellion Cubecart 2.0.3
Devellion Cubecart 2.0.4
Devellion Cubecart 2.0.0
Devellion Cubecart 2.0.1
Devellion Cubecart 2.0.2
NA
CVE-2006-5108
Multiple cross-site scripting (XSS) vulnerabilities in Devellion CubeCart 2.0.x allow remote malicious users to inject arbitrary web script or HTML via the order_id parameter in (1) admin/print_order.php and (2) view_order.php; the (3) site_url and (4) la_search_home parameters a...
Devellion Cubecart 2.0.5
Devellion Cubecart 2.0.6
Devellion Cubecart 2.0.2
Devellion Cubecart 2.0.3
Devellion Cubecart 2.0.4
Devellion Cubecart 2.0.0
Devellion Cubecart 2.0.1
6 EDB exploits
NA
CVE-2005-0443
index.php in CubeCart 2.0.4 allows remote malicious users to (1) obtain the full path for the web server or (2) conduct cross-site scripting (XSS) attacks via an invalid language parameter, which echoes the parameter in a PHP error message.
Devellion Cubecart 2.0.4
Devellion Cubecart 2.0.1
1 EDB exploit
NA
CVE-2005-0442
Directory traversal vulnerability in index.php for CubeCart 2.0.4 allows remote malicious users to read arbitrary files via the language parameter.
Devellion Cubecart 2.0.1
Devellion Cubecart 2.0.4
1 EDB exploit
NA
CVE-2004-1580
SQL injection vulnerability in index.php in CubeCart 2.0.1 allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter.
Devellion Cubecart 2.0.1
1 EDB exploit
NA
CVE-2004-1579
index.php in CubeCart 2.0.1 allows remote malicious users to gain sensitive information via an HTTP request with an invalid cat_id parameter, which reveals the full path in a PHP error message.
Devellion Cubecart 2.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started