CubeCart 3.0 up to and including 3.6 does not properly check authorization for an administration session because of a missing auth.inc.php include, which results in an absolute path traversal vulnerability in FileUpload in connector.php (aka upload.php) that allows remote malicious users to upload arbitrary files via a modified CurrentFolder parameter in a direct request to admin/filemanager/upload.php.
| Vulnerable Product |
|---|
| devellion cubecart 3.0.0_final |
| devellion cubecart 3.0.1 |
| devellion cubecart 3.0.0_alpha-rgf |
| devellion cubecart 3.0.0_beta |
| devellion cubecart 3.0.6 |
| devellion cubecart 3.0.2 |
| devellion cubecart 3.0.3 |
| devellion cubecart 3.0.0_alpha |
| devellion cubecart 3.0.0_alpha-2 |
| devellion cubecart 3.0.4 |
| devellion cubecart 3.0.5 |