Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2005-0443

Published: 02/05/2005 Updated: 11/07/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

index.php in CubeCart 2.0.4 allows remote malicious users to (1) obtain the full path for the web server or (2) conduct cross-site scripting (XSS) attacks via an invalid language parameter, which echoes the parameter in a PHP error message.

Vulnerable Product Search on Vulmon Subscribe to Product

devellion cubecart 2.0.4

devellion cubecart 2.0.1

Exploits

Exploit DB: Brooky CubeCart 2.0.1/2.0.4 - 'index.php?language' Cross-Site Scripting
source: wwwsecurityfocuscom/bid/12549/info Brooky CubeCart is reported prone to multiple vulnerabilities These issues result from insufficient sanitization of user-supplied data and may allow remote attackers to disclose arbitrary files and carry out cross-site scripting attacks The application is reportedly susceptible to a remote dir ...

References

NVD-CWE-Otherhttp://www.cubecart.com/site/forums/index.php?showtopic=5741http://www.securityfocus.com/bid/12549http://www.osvdb.org/14064http://marc.info/?l=bugtraq&m=110842125901191&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/19328https://nvd.nist.govhttps://www.exploit-db.com/exploits/25097/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
injectCVE-2024-34001CVE-2024-37018LFICVE-2024-1275CVE-2024-1086CSRFCVE-2024-31030CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook