7 matches found
EUVD-2025-30838
Malicious code in bioql PyPI...
CVE-2025-59411
CubeCart is an ecommerce software solution. Prior to version 6.5.11, the contact form’s Enquiry field accepts raw HTML and that HTML is included verbatim in the email sent to the store admin. By submitting HTML in the Enquiry, the admin receives an email containing that HTML. This indicates user...
CVE-2025-59411
CubeCart is an ecommerce software solution. Prior to version 6.5.11, the contact form’s Enquiry field accepts raw HTML and that HTML is included verbatim in the email sent to the store admin. By submitting HTML in the Enquiry, the admin receives an email containing that HTML. This indicates user...
CVE-2025-59411 CubeCart Stored/Reflected HTML Injection Vulnerability in Contact Enquiry
CubeCart is an ecommerce software solution. Prior to version 6.5.11, the contact form’s Enquiry field accepts raw HTML and that HTML is included verbatim in the email sent to the store admin. By submitting HTML in the Enquiry, the admin receives an email containing that HTML. This indicates user...
PT-2025-38743
Name of the Vulnerable Software and Affected Versions: CubeCart versions prior to 6.5.11. Description: CubeCart is an ecommerce software solution. The contact form’s Enquiry field accepts raw HTML, which is included directly in the email sent to the store administrator. Submitting HTML through the...
CubeCart Security Vulnerability
CubeCart is an e-commerce software from CubeCart Open Source. A security vulnerability exists in CubeCart versions prior to 6.5.11 that stems from a failure to clean and escape user input in the Enquiry field, which could lead to a cross-site scripting attack or HTML injection...
CVE-2020-18477
SQL Injection vulnerability in Hucart CMS 5.7.4 via the purchase enquiry field found in the Message concontent field...