CubeCart Cross Site Scripting And SQL Injection Vulnerabilities Network Vulnerability

Summary

CubeCart is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability. Exploiting these issues could allow an attacker to steal cookie- based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. CubeCart 2.0.6 is vulnerable other versions may also be affected.

References

http://www.securityfocus.com/archive/1/516794
https://www.securityfocus.com/bid/46641

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability
Adobe ColdFusion Information Disclosure Vulnerability
Adobe ColdFusion Multiple Vulnerabilities-01 May-2014
AlefMentor Multiple SQL Injection Vulnerabilities
A Really Simple Chat Multiple SQL Injection Vulnerabilities

CubeCart Cross Site Scripting and SQL Injection Vulnerabilities

Take action and discover your vulnerabilities