Cubecart » Cubecart : Security Vulnerabilities, CVEs, CVSS score >= 9

CVE-2018-20716

CubeCart before 6.1.13 has SQL Injection via the validate[] parameter of the "I forgot my Password!" feature.
Max CVSS
9.8
EPSS Score
0.21%
Published
2019-01-15
Updated
2019-01-23

CVE-2013-1465

The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 through 5.2.0 allows remote attackers to unserialize arbitrary PHP objects via a crafted shipping parameter, as demonstrated by modifying the application configuration using the Config object.
Max CVSS
9.8
EPSS Score
30.19%
Published
2013-02-08
Updated
2024-01-09
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close