615 matches found
CVE-2026-34018
An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product...
CVE-2026-35496
A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should not be accessible...
CVE-2026-35496
A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should not be accessible...
CVE-2026-35496
A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should not be accessible...
CVE-2026-35496
CVE-2026-35496 describes a path traversal vulnerability in CubeCart prior to 6.6.0. A user with administrative privileges may access higher-level directories that should be inaccessible. The CVSS data indicates low to medium severity depending on metric (CVSS3.0 base score 2.7, MEDIUM per CVSS4.0...
CVE-2026-35496
A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should not be accessible...
CVE-2026-34018
CVE-2026-34018 is an SQL injection vulnerability in CubeCart prior to version 6.6.0 that may allow an attacker to execute arbitrary SQL statements on the product. Multiple connected sources confirm the issue and cite the affected software version as CubeCart before 6.6.0; the root cause is an inj...
CVE-2026-34018
An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product...
CVE-2026-34018
An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product...
CVE-2026-34018
An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product...
CVE-2026-21719
An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command...
CVE-2026-21719
An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command...
CVE-2026-21719
CubeCart CVE-2026-21719 affects versions prior to 6.6.0 and allows an admin to execute arbitrary OS commands via an OS command injection vulnerability. The issue arises in the administrative interface; upgrading to CubeCart 6.6.0 (or later) is the stated remediation. Exploitation details are not ...
CVE-2026-21719
An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command...
Multiple vulnerabilities in CubeCart
Overview CubeCart provided by CubeCart Limited contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2026-21719 SQL injection CWE-89 - CVE-2026-34018 Path traversal CWE-22 - CVE-2026-35496 Gen Sato of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities...
CubeCart 安全漏洞
CubeCart is an open-source e-commerce software developed by CubeCart. Versions of CubeCart prior to 6.6.0 contained security vulnerabilities. These vulnerabilities stemmed from OS command injection, which could allow users with administrative privileges to execute arbitrary OS commands...
PT-2026-33408
An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command...
PT-2026-33409
An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product...
CubeCart 安全漏洞
CubeCart is an open-source e-commerce software developed by CubeCart. Versions of CubeCart prior to 6.6.0 contained security vulnerabilities. These vulnerabilities were caused by a path traversal issue, which could allow users with administrative privileges to access directories that they shouldn...
CubeCart 安全漏洞
CubeCart is an open-source e-commerce software developed by CubeCart. Versions of CubeCart prior to 6.6.0 contained security vulnerabilities, which were caused by SQL injection attacks. These vulnerabilities could allow attackers to execute arbitrary SQL statements on the product side...