15 matches found
EUVD-2007-2854
Malware in sbrugna...
EUVD-2006-4256
Malware in sbrugna...
CubeCart 6.1.12 - Admin Authentication Bypass
I Forgot My Password! Both vulnerabilities are exploitable through CubeCart's "I forgot my Password!" functionality. It is implemented in the file classes/cubecart.class.php, in the method recovery. When a user forgets his password, he can use this feature to enter his email address, a valid passwo...
cubecart 2.0.7 - Multiple Vulnerabilities
No description provided by source. Exploit Title: CubeCart 2.0.7 XSS && Remote SQL Injection = Multiple Vulnerabilities Date: June, 14th 2011 GMT +7 Author: Shamus Software Link: http://www.cubecart.com/ Version : CubeCart 2.0.7 Tested on: windows 7, ubuntu 11.04 CVE : -...
CubeCart 3.0.x - view_order.php?order_id SQL Injection
CubeCart 3.0.x - view_order.php?order_id SQL Injection source: https://www.securityfocus.com/bid/20215/info CubeCart is prone to multiple input-validation vulnerabilities, including information-disclosure, cross-site scripting, and SQL-injection issues, because the application fails to properly...
CubeCart 3.0.x - '/admin/print_order.php?order_id' SQL Injection
source: https://www.securityfocus.com/bid/20215/info CubeCart is prone to multiple input-validation vulnerabilities, including information-disclosure, cross-site scripting, and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful exploit of...
RE: [NOBYTES.COM: #6] CubeCart 2.0.6 - Information Disclosure
Hello, http://www.victimsite.com/index.php?&language=f00bar.php Warning: Failed opening '/var/www/html/admin/lang/f00bar.php' for inclusion include_path='.:/usr/share/pear' in /var/www/html/admin/settings.inc.php on line 147 This is path disclosure but it can also be used for malicious file includ...
[NOBYTES.COM: #6] CubeCart 2.0.6 - Information Disclosure
Hello All, I have discovered a number of remote vulnerabilities in: CubeCart 2.0.6. Authors Site: http://www.cubecart.com CubeCart is described by its authors as: 'What is CubeCart? CubeCart is an eCommerce script written with PHP & MySQL. With CubeCart you can setup a powerful online store as lo...
CubeCart 2.0.x - index.php Multiple Full Path Disclosures
CubeCart 2.0.x - index.php Multiple Full Path Disclosures source: https://www.securityfocus.com/bid/13050/info CubeCart is reported prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL...
CubeCart 2.0.x - 'view_cart.php?add' Full Path Disclosure
source: https://www.securityfocus.com/bid/13050/info CubeCart is reported prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. These issues affect the 'index.php',...
[SA14416] CubeCart Cross-Site Scripting Vulnerabilities
CubeCart < 2.0.5 Multiple Vulnerabilities
The version of CubeCart on the remote host is vulnerable to a local file include issue, along with related cross-site scripting and path disclosure issues, due to a failure to sanitize user-supplied data. Successful exploitation of this issue may allow an attacker to execute arbitrary code on the...
Brooky CubeCart Multiple Vulnerabilities
Binary data 2617.prm...
Brooky CubeCart 2.0.12.0.4 - index.php?language Cross-Site Scripting
Brooky CubeCart 2.0.12.0.4 - index.php?language Cross-Site Scripting source: https://www.securityfocus.com/bid/12549/info Brooky CubeCart is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow remote attackers to...
Brooky CubeCart 2.0.12.0.4 - index.php?language Traversal Arbitrary File Access
Brooky CubeCart 2.0.12.0.4 - index.php?language Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/12549/info Brooky CubeCart is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow remote attacke...