7 matches found
CubeCart 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability
No description provided by source. ------------------------------------------------------------------------- CubeCart = 5.2.0 cubecart.class.php PHP Object Injection Vulnerability ------------------------------------------------------------------------- - Software Link: http://www.cubecart.com/ -...
CVE-2013-1465
CubeCart 5.0.0–5.2.0 is affected by a PHP object injection in Cubecart::_basket() via the shipping POST parameter. The code unserializes base64url_decode($_POST['shipping']) into $GLOBALS['cart'], allowing an attacker to inject arbitrary PHP objects (e.g., the Config object) and potentially alter...
CubeCart 5.2.0 PHP Object Injection Vulnerability
CubeCart versions 5.0.0 through 5.2.0 suffer from a PHP object injection vulnerability in cubecart.class.php ------------------------------------------------------------------------- CubeCart set'shipping', unserializebase64urldecode$POST'shipping'; 522. if !isset$POST'proceed' 523...
CubeCart 5.2.0 - cubecart.class.php PHP Object Injection
CubeCart 5.2.0 - cubecart.class.php PHP Object Injection ------------------------------------------------------------------------- CubeCart set'shipping', unserializebase64urldecode$POST'shipping'; 522. if !isset$POST'proceed' 523. httpredircurrentPage; 524. 525. User input passed through the...
CubeCart 5.2.0 - 'cubecart.class.php' PHP Object Injection
------------------------------------------------------------------------- CubeCart set'shipping', unserializebase64urldecode$POST'shipping'; 522. if !isset$POST'proceed' 523. httpredircurrentPage; 524. 525. User input passed through the $POST'shipping' parameter is not properly sanitized before...
CVE-2013-1465
creationtimestamp| type| source ---|---|--- 2013-02-07 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/24465...
CubeCart 5.2.0 PHP Object Injection
------------------------------------------------------------------------- CubeCart set'shipping', unserializebase64urldecode$POST'shipping'; 522. if !isset$POST'proceed' 523. httpredircurrentPage; 524. 525. User input passed through the $POST'shipping' parameter is not properly sanitized before...