Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-33438

Published: 29/04/2024 Updated: 30/04/2024

Vulnerability Summary

File Upload vulnerability in CubeCart prior to 6.5.5 allows an authenticated user to execute arbitrary code via a crafted .phar file.

Vulnerability Trend

Github Repositories

https://github.com/julio-cfa/CVE-2024-33438

CubeCart <= 6.5.4 is vulnerable to an arbitrary file upload that leads to remote code execution (RCE).

CVE-2024-33438 CubeCart &lt;= 654 is vulnerable to an arbitrary file upload that leads to remote code execution (RCE)

References

https://github.com/cubecart/v6https://forums.cubecart.com/topic/59046-cubecart-655-released-minor-security-update/https://github.com/julio-cfa/CVE-2024-33438https://github.com/cubecart/v6/commit/31a5ec39b0924b2111fbc3aa419bd8c5c3fc1841https://nvd.nist.govhttps://github.com/julio-cfa/CVE-2024-33438
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code executionCVE-2024-34909CVE-2024-3317SSTICVE-2024-3400CVE-2024-30051wirelessCVE-2024-4622CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook