Devellion Cubecart : Security vulnerabilities, CVEs file inclusion

CVE-2006-4527

includes/content/gateway.inc.php in CubeCart 3.0.12 and earlier, when magic_quotes_gpc is disabled, uses an insufficiently restrictive regular expression to validate the gateway parameter, which allows remote attackers to conduct PHP remote file inclusion attacks.

Max CVSS

2.6

EPSS Score

0.33%

Published

2006-09-01

Updated

2008-09-05

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

Devellion » Cubecart : Security Vulnerabilities, CVEs, (File inclusion)

CVE-2006-4527