Description

Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute arbitrary code via a crafted file uploaded to the _g and node parameters.

Remediation

References

CVE-2024-34832

Related Vulnerabilities

Apache HTTP Server Other Vulnerability (CVE-2002-0840)

WordPress Plugin N-Media Website Contact Form with File Upload Arbitrary File Upload (1.3.4)

WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.25)

MySQL CVE-2015-0411 Vulnerability (CVE-2015-0411)

Oracle Database Server CVE-2007-0271 Vulnerability (CVE-2007-0271)

Severity

Critical

Classification

CVE-2024-34832 CWE-22 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities