CubeCart SQL Injection Vulnerability (CNVD-2016-01942)
CubeCart is an open source PHP e-commerce software system. CubeCart suffers from a SQL injection vulnerability. Due to insufficient filtering of user-supplied data via the "char" HTTP GET parameter passed to the "/admin.php" PHP script input, a remotely authenticated attacker with privileged acce...