CVE-2026-45054 CubeCart: Authenticated SQL Injection via `sort[]` Parameter in Admin Orders Transactions Listing
CubeCart is an ecommerce software solution. Prior to 6.7.0, the admin orders-transactions listing page admin.php?g=orders&node=transactions builds a raw ORDER BY SQL fragment from the attacker-controlled $GET'sort' array without column or direction validation. Both the column key and the directio...