WEB APPLICATION VULNERABILITIES Standard & Premium

CubeCart Improper Input Validation Vulnerability (CVE-2012-0865)

Description

Multiple open redirect vulnerabilities in CubeCart 3.0.20 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) r parameter to switch.php or (2) goto parameter to admin/login.php.

Remediation

References

Related Vulnerabilities

Zope Web Application Server Other Vulnerability (CVE-2005-3323)

Magento CVE-2019-8136 Vulnerability (CVE-2019-8136)

Apache Tomcat Incomplete Cleanup Vulnerability (CVE-2023-42794)

Drupal Other Vulnerability (CVE-2016-3164)

WordPress Plugin Smart Marketing SMS and Newsletters Forms Security Bypass (2.6.1)

Severity

Medium

Classification

CVE-2012-0865 CWE-20

Tags

Missing Update Known Vulnerabilities