Lucene search
K

7 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

CubeCart 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability

No description provided by source. ------------------------------------------------------------------------- CubeCart = 5.2.0 cubecart.class.php PHP Object Injection Vulnerability ------------------------------------------------------------------------- - Software Link: http://www.cubecart.com/ -...

7.5CVSS0.1AI score0.07086EPSS
Exploits6
CVE
CVE
added 2013/02/08 8:0 p.m.60 views

CVE-2013-1465

CubeCart 5.0.0–5.2.0 is affected by a PHP object injection in Cubecart::_basket() via the shipping POST parameter. The code unserializes base64url_decode($_POST['shipping']) into $GLOBALS['cart'], allowing an attacker to inject arbitrary PHP objects (e.g., the Config object) and potentially alter...

9.8CVSS9.2AI score0.07086EPSS
Exploits6References9Affected Software1
0day.today
0day.today
added 2013/02/07 12:0 a.m.43 views

CubeCart 5.2.0 PHP Object Injection Vulnerability

CubeCart versions 5.0.0 through 5.2.0 suffer from a PHP object injection vulnerability in cubecart.class.php ------------------------------------------------------------------------- CubeCart set'shipping', unserializebase64urldecode$POST'shipping'; 522. if !isset$POST'proceed' 523...

7.5AI score0.07086EPSS
Exploits6
exploitpack
exploitpack
added 2013/02/07 12:0 a.m.31 views

CubeCart 5.2.0 - cubecart.class.php PHP Object Injection

CubeCart 5.2.0 - cubecart.class.php PHP Object Injection ------------------------------------------------------------------------- CubeCart set'shipping', unserializebase64urldecode$POST'shipping'; 522. if !isset$POST'proceed' 523. httpredircurrentPage; 524. 525. User input passed through the...

7.5CVSS0.07086EPSS
Exploits6
Exploit DB
Exploit DB
added 2013/02/07 12:0 a.m.39 views

CubeCart 5.2.0 - 'cubecart.class.php' PHP Object Injection

------------------------------------------------------------------------- CubeCart set'shipping', unserializebase64urldecode$POST'shipping'; 522. if !isset$POST'proceed' 523. httpredircurrentPage; 524. 525. User input passed through the $POST'shipping' parameter is not properly sanitized before...

9.8CVSS9.6AI score0.07086EPSS
Exploits6
Circl
Circl
added 2013/02/07 12:0 a.m.3 views

CVE-2013-1465

creationtimestamp| type| source ---|---|--- 2013-02-07 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/24465...

9.8CVSS7.3AI score0.07086EPSS
Exploits6References1
Packet Storm
Packet Storm
added 2013/02/06 12:0 a.m.44 views

CubeCart 5.2.0 PHP Object Injection

------------------------------------------------------------------------- CubeCart set'shipping', unserializebase64urldecode$POST'shipping'; 522. if !isset$POST'proceed' 523. httpredircurrentPage; 524. 525. User input passed through the $POST'shipping' parameter is not properly sanitized before...

7.5CVSS0.07086EPSS
Exploits6
Rows per page
Query Builder