2 matches found
CVE-2006-4527
includes/content/gateway.inc.php in CubeCart 3.0.12 and earlier, when magicquotesgpc is disabled, uses an insufficiently restrictive regular expression to validate the gateway parameter, which allows remote attackers to conduct PHP remote file inclusion attacks...
CVE-2006-4527
CVE-2006-4527 affects CubeCart 3.0.12 and earlier, where includes/content/gateway.inc.php validates the gateway parameter with an insufficiently restrictive regex when magic_quotes_gpc is disabled, enabling remote PHP remote file inclusion. Connected sources confirm the issue and reference CubeCart