Lucene search
K

615 matches found

NVD
NVD
added 2026/04/17 6:16 a.m.4 views

CVE-2026-34018

An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product...

9.8CVSS0.00179EPSS
Exploits0References2
NVD
NVD
added 2026/04/17 6:16 a.m.6 views

CVE-2026-35496

A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should not be accessible...

5.1CVSS0.0032EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/17 4:33 a.m.29 views

CVE-2026-35496

A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should not be accessible...

5.1CVSS0.0032EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/17 4:33 a.m.3 views

CVE-2026-35496

A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should not be accessible...

5.1CVSS5.8AI score0.0032EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/04/17 4:33 a.m.11 views

CVE-2026-35496

CVE-2026-35496 describes a path traversal vulnerability in CubeCart prior to 6.6.0. A user with administrative privileges may access higher-level directories that should be inaccessible. The CVSS data indicates low to medium severity depending on metric (CVSS3.0 base score 2.7, MEDIUM per CVSS4.0...

5.1CVSS5.8AI score0.0032EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/17 4:33 a.m.6 views

CVE-2026-35496

A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should not be accessible...

5.1CVSS5.7AI score0.0032EPSS
Exploits0References2
CVE
CVE
added 2026/04/17 4:33 a.m.15 views

CVE-2026-34018

CVE-2026-34018 is an SQL injection vulnerability in CubeCart prior to version 6.6.0 that may allow an attacker to execute arbitrary SQL statements on the product. Multiple connected sources confirm the issue and cite the affected software version as CubeCart before 6.6.0; the root cause is an inj...

9.8CVSS6.1AI score0.00179EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/17 4:33 a.m.3 views

CVE-2026-34018

An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product...

6.3CVSS6.9AI score0.00179EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/17 4:33 a.m.7 views

CVE-2026-34018

An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product...

6.3CVSS6.9AI score0.00179EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/17 4:33 a.m.31 views

CVE-2026-34018

An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product...

6.3CVSS0.00179EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/17 4:33 a.m.3 views

CVE-2026-21719

An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command...

8.6CVSS7.2AI score0.01203EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/04/17 4:33 a.m.23 views

CVE-2026-21719

An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command...

8.6CVSS0.01203EPSS
Exploits0References2
CVE
CVE
added 2026/04/17 4:33 a.m.18 views

CVE-2026-21719

CubeCart CVE-2026-21719 affects versions prior to 6.6.0 and allows an admin to execute arbitrary OS commands via an OS command injection vulnerability. The issue arises in the administrative interface; upgrading to CubeCart 6.6.0 (or later) is the stated remediation. Exploitation details are not ...

8.6CVSS6AI score0.01203EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/17 4:33 a.m.3 views

CVE-2026-21719

An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command...

8.6CVSS7.3AI score0.01203EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/04/17 4:32 a.m.9 views

Multiple vulnerabilities in CubeCart

Overview CubeCart provided by CubeCart Limited contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2026-21719 SQL injection CWE-89 - CVE-2026-34018 Path traversal CWE-22 - CVE-2026-35496 Gen Sato of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities...

9.8CVSS6.7AI score0.01203EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.9 views

CubeCart 安全漏洞

CubeCart is an open-source e-commerce software developed by CubeCart. Versions of CubeCart prior to 6.6.0 contained security vulnerabilities. These vulnerabilities stemmed from OS command injection, which could allow users with administrative privileges to execute arbitrary OS commands...

8.6CVSS7.3AI score0.01203EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.3 views

PT-2026-33408

An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command...

8.6CVSS7.3AI score0.01203EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.7 views

PT-2026-33409

An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product...

6.3CVSS6.9AI score0.00179EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.10 views

CubeCart 安全漏洞

CubeCart is an open-source e-commerce software developed by CubeCart. Versions of CubeCart prior to 6.6.0 contained security vulnerabilities. These vulnerabilities were caused by a path traversal issue, which could allow users with administrative privileges to access directories that they shouldn...

5.1CVSS6.2AI score0.0032EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.10 views

CubeCart 安全漏洞

CubeCart is an open-source e-commerce software developed by CubeCart. Versions of CubeCart prior to 6.6.0 contained security vulnerabilities, which were caused by SQL injection attacks. These vulnerabilities could allow attackers to execute arbitrary SQL statements on the product side...

9.8CVSS7.1AI score0.00179EPSS
Exploits0References1
Rows per page
Query Builder