SQL injection vulnerability in includes/content/cart.inc.php in CubeCart PHP Shopping cart 4.3.4 up to and including 4.3.9 allows remote malicious users to execute arbitrary SQL commands via the shipKey parameter to index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cubecart cubecart 4.3.4 |
||
cubecart cubecart 4.3.5 |
||
cubecart cubecart 4.3.6 |
||
cubecart cubecart 4.3.9 |
||
cubecart cubecart 4.3.7 |
||
cubecart cubecart 4.3.8 |