Description

SQL injection vulnerability in index.php in CubeCart 4.3.3 allows remote attackers to execute arbitrary SQL commands via the searchStr parameter.

Remediation

References

CVE-2010-4903

Related Vulnerabilities

WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (4.6.12)

WordPress Plugin Floating Social Bar Cross-Site Scripting (1.1.5)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-9427)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3660)

PHP Use After Free Vulnerability (CVE-2021-21708)

Severity

High

Classification

CVE-2010-4903 CWE-138

Tags

Missing Update Known Vulnerabilities