CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

49 matches found

EUVD•added 2026/05/13 8:44 p.m.•4 views

EUVD-2026-30172

CubeCart is an ecommerce software solution. Prior to 6.7.2, CubeCart 6.6.x – 6.7.1 builds CCSTOREURL directly from the Host request header at bootstrap, with no allowlist. The constant is embedded verbatim into transactional email links, most critically the password-reset link in...

8.1CVSS5.9AI score0.00031EPSS

Exploits0References1

EUVD•added 2026/05/13 8:38 p.m.•5 views

EUVD-2026-30156

CubeCart is an ecommerce software solution. Prior to 6.6.0, Authenticated Time-Based Blind SQL Injection vulnerabilities were identified in the sorting parameters sortprice, sortactivity, sortadmin, and sortcustomer of the Products and Logs endpoints in CubeCart v6.x. This allows an attacker to...

7.2CVSS6.2AI score0.00037EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:35 a.m.•9 views

CVE-2024-34832

Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute arbitrary code via a crafted file uploaded to the g and node parameters...

9.8CVSS7.7AI score0.08299EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-11274

Malware in sbrugna...

6.5CVSS6.6AI score0.03372EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2011-3682

Malware in sbrugna...

5CVSS6.4AI score0.00283EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2005-0607

Malware in sbrugna...

4.3CVSS6.4AI score0.09075EPSS

Exploits1References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2005-0443

Malware in sbrugna...

5CVSS6.4AI score0.08911EPSS

Exploits1References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-11281

Malware in sbrugna...

6.5CVSS6.6AI score0.01525EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2005-0444

Malware in sbrugna...

4.3CVSS6.4AI score0.00509EPSS

Exploits1References6

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-13250

Malware in sbrugna...

5.4CVSS5.5AI score0.00206EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-20100

Malware in sbrugna...

5.5CVSS5.5AI score0.00137EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-51411

Malicious code in bioql PyPI...

4.9CVSS6.4AI score0.00344EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-41955

Malicious code in bioql PyPI...

8.1CVSS8.4AI score0.00561EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-46880

Malicious code in bioql PyPI...

6.5CVSS7.1AI score0.01725EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 6:20 a.m.•5 views

CVE-2024-33438

File Upload vulnerability in CubeCart before 6.5.5 allows an authenticated user to execute arbitrary code via a crafted .phar file...

8CVSS7.5AI score0.00261EPSS

Exploits2References1

RedhatCVE•added 2025/05/23 4:19 a.m.•4 views

CVE-2023-42428

Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to delete directories and files in the system...

6.5CVSS6.6AI score0.01725EPSS

Exploits0

RedhatCVE•added 2025/05/23 2:20 a.m.•4 views

CVE-2023-38130

Cross-site request forgery CSRF vulnerability in CubeCart prior to 6.5.3 allows a remote unauthenticated attacker to delete data in the system...

8.1CVSS7.2AI score0.00561EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:8 a.m.•4 views

CVE-2023-47283

Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to obtain files in the system...

4.9CVSS6.5AI score0.00344EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 8:10 a.m.•5 views

CVE-2018-20703

CubeCart 6.2.2 has Reflected XSS via a /ADMIN-FILE/ query string...

5.4CVSS5.9AI score0.00206EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 10:22 p.m.•5 views

CVE-2006-4527

includes/content/gateway.inc.php in CubeCart 3.0.12 and earlier, when magicquotesgpc is disabled, uses an insufficiently restrictive regular expression to validate the gateway parameter, which allows remote attackers to conduct PHP remote file inclusion attacks...

2.6CVSS7.2AI score0.00483EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by