Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
devellion cubecart vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2006-0922
CubeCart 3.0 up to and including 3.6 does not properly check authorization for an administration session because of a missing auth.inc.php include, which results in an absolute path traversal vulnerability in FileUpload in connector.php (aka upload.php) that allows remote malicio...
Devellion Cubecart 3.0.0 Final
Devellion Cubecart 3.0.1
Devellion Cubecart 3.0.0 Alpha-rgf
Devellion Cubecart 3.0.0 Beta
Devellion Cubecart 3.0.6
Devellion Cubecart 3.0.2
Devellion Cubecart 3.0.3
Devellion Cubecart 3.0.0 Alpha
Devellion Cubecart 3.0.0 Alpha-2
Devellion Cubecart 3.0.4
Devellion Cubecart 3.0.5
1 EDB exploit
710
VMScore
CVE-2006-5108
Multiple cross-site scripting (XSS) vulnerabilities in Devellion CubeCart 2.0.x allow remote malicious users to inject arbitrary web script or HTML via the order_id parameter in (1) admin/print_order.php and (2) view_order.php; the (3) site_url and (4) la_search_home parameters a...
Devellion Cubecart 2.0.5
Devellion Cubecart 2.0.6
Devellion Cubecart 2.0.2
Devellion Cubecart 2.0.3
Devellion Cubecart 2.0.4
Devellion Cubecart 2.0.0
Devellion Cubecart 2.0.1
6 EDB exploits
770
VMScore
CVE-2006-5107
Multiple SQL injection vulnerabilities in Devellion CubeCart 2.0.x allow remote malicious users to execute arbitrary SQL commands via (1) the user_name parameter in admin/forgot_pass.php, (2) the order_id parameter in view_order.php, (3) the view_doc parameter in view_doc.php, an...
Devellion Cubecart 2.0.4
Devellion Cubecart 2.0.5
Devellion Cubecart 2.0.2
Devellion Cubecart 2.0.3
Devellion Cubecart 2.0.6
Devellion Cubecart 2.0.0
Devellion Cubecart 2.0.1
4 EDB exploits
445
VMScore
CVE-2006-5109
Devellion CubeCart 2.0.x allows remote malicious users to obtain sensitive information via a direct request for (1) link_navi.php or (2) spotlight.php, which reveals the path in various error messages. NOTE: the information.php, language.php, list_docs.php, popular_prod.php, sale...
Devellion Cubecart 2.0.5
Devellion Cubecart 2.0.6
Devellion Cubecart 2.0.3
Devellion Cubecart 2.0.4
Devellion Cubecart 2.0.0
Devellion Cubecart 2.0.1
Devellion Cubecart 2.0.2
755
VMScore
CVE-2006-4267
Multiple SQL injection vulnerabilities in CubeCart 3.0.11 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) oid parameter in modules/gateway/Protx/confirmed.php and the (2) x_invoice_num parameter in modules/gateway/Authorize/confirm...
Devellion Cubecart 3.0.7-pl1
Devellion Cubecart 3.0.6
Devellion Cubecart 3.0.7
Devellion Cubecart 3.0.3
Devellion Cubecart 3.0.4
Devellion Cubecart 3.0.11
1 EDB exploit
605
VMScore
CVE-2006-4268
Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.11 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) file, (2) x, and (3) y parameters in (a) admin/filemanager/preview.php; and the (4) email parameter in (b) ...
Devellion Cubecart 3.0.7-pl1
Devellion Cubecart 3.0.6
Devellion Cubecart 3.0.7
Devellion Cubecart 3.0.11
Devellion Cubecart 3.0.3
Devellion Cubecart 3.0.4
445
VMScore
CVE-2005-0607
CubeCart 2.0.0 up to and including 2.0.5 allows remote malicious users to determine the full path of the server via direct calls without parameters to (1) information.php, (2) language.php, (3) list_docs.php, (4) popular_prod.php, (5) sale.php, (6) subfooter.inc.php, (7) subheade...
Devellion Cubecart 2.0.3
Devellion Cubecart 2.0.1
Devellion Cubecart 2.0.2
Devellion Cubecart 2.0.5
Devellion Cubecart 2.0.0
435
VMScore
CVE-2005-0606
Cross-site scripting (XSS) vulnerability in settings.inc.php for CubeCart 2.0.0 up to and including 2.0.5, as used in multiple PHP files, allows remote malicious users to inject arbitrary HTML or web script via the (1) cat_id, (2) PHPSESSID, (3) view_doc, (4) product, (5) session...
Devellion Cubecart 2.0.3
Devellion Cubecart 2.0.1
Devellion Cubecart 2.0.2
Devellion Cubecart 2.0.0
Devellion Cubecart 2.0.5
1 EDB exploit
505
VMScore
CVE-2005-0442
Directory traversal vulnerability in index.php for CubeCart 2.0.4 allows remote malicious users to read arbitrary files via the language parameter.
Devellion Cubecart 2.0.1
Devellion Cubecart 2.0.4
1 EDB exploit
435
VMScore
CVE-2005-0443
index.php in CubeCart 2.0.4 allows remote malicious users to (1) obtain the full path for the web server or (2) conduct cross-site scripting (XSS) attacks via an invalid language parameter, which echoes the parameter in a PHP error message.
Devellion Cubecart 2.0.4
Devellion Cubecart 2.0.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »