Vulnerabilidades en CubeCart Limited
9 resultadosCVE-2017-2098—Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows remote authenticated attackers to read arbitrary files via unspEPSS 2.5%CVE-2017-2117—Directory traversal vulnerability in CubeCart versions prior to 6.1.5 allows attacker with administrator rights to read arbitrary files via EPSS 2.1%CVE-2023-42428—Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to deleEPSS 1.3%CVE-2026-21719HIGHAn OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute EPSS 1.2%CVE-2023-47283—Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to obtaEPSS 1.2%CVE-2023-47675—CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command.EPSS 1.0%CVE-2023-38130—Cross-site request forgery (CSRF) vulnerability in CubeCart prior to 6.5.3 allows a remote unauthenticated attacker to delete data in the syEPSS 0.4%CVE-2026-35496MEDIUMA path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-lEPSS 0.3%CVE-2026-34018MEDIUMAn SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the pEPSS 0.2%