CubeCart Multiple Vulnerabilities

Summary
This host is installed with CubeCart and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to execute arbitrary web script or HTML in a user's browser session in the context of an affected site and manipulate SQL queries by injecting arbitrary SQL code. Impact Level: Application
Solution
Upgrade to CubeCart version 5.0 or later, For updates refer to http://www.cubecart.com
Insight
Inputs passed via multiple parameters to 'index.php', 'cart.php' and Admin Interface is not properly sanitised before it is returned to the user.
Affected
CubeCart version 3.0.x through 3.0.20
References