Description

Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows remote authenticated attackers to read arbitrary files via unspecified vectors.

Remediation

References

CVE-2017-2090

Related Vulnerabilities

Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8831)

WordPress Plugin MAC PHOTO GALLERY 'albid' Parameter Arbitrary File Disclosure (2.8)

WordPress Plugin Form Builder-Create Responsive Contact Forms Cross-Site Scripting (1.9.8.4)

WordPress Plugin File Manager Cross-Site Request Forgery (7.2.4)

WordPress Plugin Wordfence Security-Firewall & Malware Scan Multiple Vulnerabilities (5.2.3)

Severity

Medium

Classification

CVE-2017-2090 CWE-22 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities