Cubecart
Products (2)
- 58 CVEs
- 2 CVEs
Recent CVEs
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-1465 | CubeCart | Critical | 0.67 | 9.8 | 0.07 | | Feb 8, 2013 | The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 through 5.2.0 allows remote attackers to unserialize arbitrary PHP objects via a crafted shipping parameter, as demonstrated by modifying the application configuration using the Config object. |
| CVE-2026-34018 | CubeCart | Critical | 0.57 | 9.8 | 0.00 | | Apr 17, 2026 | An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product. |
| CVE-2026-45714 | CubeCart | Critical | 0.52 | 9.1 | 0.00 | | May 13, 2026 | CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Server-Side Template Injection (SSTI) vulnerability exists in multiple modules of CubeCart (including Email Templates, Invoices, Documents, and Contact Forms). The application unsafely evaluates… |
| CVE-2026-45053 | CubeCart | Critical | 0.52 | 9.1 | 0.01 | | May 13, 2026 | CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Arbitrary File Upload vulnerability exists in the REST API File Manager endpoint (POST /api/v1/files) of CubeCart. The endpoint allows any holder of an API key with files:rw permission to upload PHP… |
| CVE-2026-44377 | CubeCart | Critical | 0.52 | 9.1 | 0.01 | | May 13, 2026 | CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Server-Side Template Injection (SSTI) vulnerability exists in multiple modules of CubeCart (including Email Templates and Documents). The application unsafely evaluates user-supplied input directly… |
| CVE-2026-45055 | CubeCart | High | 0.46 | 8.1 | 0.00 | | May 13, 2026 | CubeCart is an ecommerce software solution. Prior to 6.7.2, CubeCart 6.6.x – 6.7.1 builds CC_STORE_URL directly from the Host request header at bootstrap, with no allowlist. The constant is embedded verbatim into transactional email links, most critically the password-reset… |
| CVE-2017-2098 | CubeCart | Medium | 0.42 | 6.5 | 0.02 | | Apr 28, 2017 | Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows remote authenticated attackers to read arbitrary files via unspecified vectors. |
| CVE-2017-2090 | CubeCart | Medium | 0.42 | 6.5 | 0.02 | | Apr 28, 2017 | Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows remote authenticated attackers to read arbitrary files via unspecified vectors. |
| CVE-2026-45708 | CubeCart | High | 0.40 | 7.2 | 0.00 | | May 13, 2026 | CubeCart is an ecommerce software solution. Prior to 6.7.3, an admin with documents edit permission can save raw <?php … ?> into the Invoice Editor. The next time any admin clicks Print on any order, the rendered template is written to files/print..php. files/.htaccess… |
| CVE-2026-39358 | CubeCart | High | 0.40 | 7.2 | 0.00 | | May 13, 2026 | CubeCart is an ecommerce software solution. Prior to 6.6.0, Authenticated Time-Based Blind SQL Injection vulnerabilities were identified in the sorting parameters (sort[price], sort_activity, sort_admin, and sort_customer) of the Products and Logs endpoints in CubeCart v6.x.… |
| CVE-2026-21719 | CubeCart | High | 0.40 | 7.2 | 0.01 | | Apr 17, 2026 | An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command. |
| CVE-2026-44376 | CubeCart | Medium | 0.36 | 6.1 | 0.01 | | May 13, 2026 | CubeCart is an ecommerce software solution. Prior to 6.7.0, an unauthenticated Reflected XSS vulnerability exists in the CubeCart v6.x search feature. Due to a logic flaw in classes/catalogue.class.php, user input is reflected without sanitization only when a search returns… |
| CVE-2017-2117 | CubeCart | Medium | 0.32 | 4.9 | 0.02 | | Apr 28, 2017 | Directory traversal vulnerability in CubeCart versions prior to 6.1.5 allows an attacker with administrator rights to read arbitrary files via unspecified vectors. |
| CVE-2026-45054 | CubeCart | Medium | 0.25 | 4.9 | 0.00 | | May 13, 2026 | CubeCart is an ecommerce software solution. Prior to 6.7.0, the admin orders-transactions listing page (admin.php?_g=orders&node=transactions) builds a raw ORDER BY SQL fragment from the attacker-controlled $_GET['sort'] array without column or direction validation. Both the… |
| CVE-2026-39428 | CubeCart | Medium | 0.24 | 4.8 | 0.00 | | May 13, 2026 | CubeCart is an ecommerce software solution. Prior to 6.6.0, a Stored Cross-Site Scripting (XSS) vulnerability exists in CubeCart v6.x. An attacker with administrative privileges can inject malicious JavaScript payloads into multiple fields during the creation or modification of… |
| CVE-2026-35496 | CubeCart | Low | 0.11 | 2.7 | 0.00 | | Apr 17, 2026 | A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should not be accessible. |
| CVE-2009-3904 | CubeCart | | 0.04 | — | 0.09 | | Nov 6, 2009 | classes/session/cc_admin_session.php in CubeCart 4.3.4 does not properly restrict administrative access permissions, which allows remote attackers to bypass restrictions and gain administrative access via a HTTP request that contains an empty (1) sessID (ccAdmin cookie), (2)… |
| CVE-2006-0922 | CubeCart | | 0.04 | — | 0.08 | | Feb 28, 2006 | CubeCart 3.0 through 3.6 does not properly check authorization for an administration session because of a missing auth.inc.php include, which results in an absolute path traversal vulnerability in FileUpload in connector.php (aka upload.php) that allows remote attackers to… |
| CVE-2005-0442 | CubeCart | | 0.04 | — | 0.08 | | May 2, 2005 | Directory traversal vulnerability in index.php for CubeCart 2.0.4 allows remote attackers to read arbitrary files via the language parameter. |
| CVE-2014-2341 | CubeCart | | 0.03 | — | 0.06 | | Apr 22, 2014 | Session fixation vulnerability in CubeCart before 5.2.9 allows remote attackers to hijack web sessions via the PHPSESSID parameter. |