Vulnerabilidades en cubecart
13 resultadosCVE-2026-44377CRITICALCubeCart: Server-Side Template Injection (SSTI) in Smarty Templates leading to RCEEPSS 0.7%CVE-2026-44376MEDIUMCubeCart: Reflected XSS in Store Search BarEPSS 0.7%CVE-2026-45053CRITICALCubeCart: Authenticated Arbitrary File Upload to RCE in REST Files APIEPSS 0.6%CVE-2026-45714CRITICALCubeCart: Server-Side Template Injection (SSTI) in Smarty Templates leading to RCEEPSS 0.4%CVE-2025-59413MEDIUMCubeCart Unauthorized Newsletter Unsubscription via force_unsubscribe ParameterEPSS 0.4%CVE-2026-39358HIGHCubeCart: Time-based Blind SQL InjectionEPSS 0.3%CVE-2026-45708HIGHCubeCart: Authenticated RCE via Invoice Template → Order PrintEPSS 0.3%CVE-2025-59411MEDIUMCubeCart Stored/Reflected HTML Injection Vulnerability in Contact EnquiryEPSS 0.3%CVE-2025-59412MEDIUMCubeCart Vulnerable to HTML Injection in Product Reviews Allows Malicious Links and DefacementEPSS 0.3%CVE-2026-45054MEDIUMCubeCart: Authenticated SQL Injection via `sort[]` Parameter in Admin Orders Transactions ListingEPSS 0.2%CVE-2025-59335HIGHCubeCart Session Not Invalidated After Password ChangeEPSS 0.2%CVE-2026-39428MEDIUMCubeCart: Stored Cross-Site Scripting (XSS)EPSS 0.2%CVE-2026-45055HIGHCubeCart: Pre-Authenticated Password Reset Link Poisoning via HTTP Host HeaderEPSS 0.1%