Shodan
Vulnerabilities
Vulnerable Software
Devellion:  >> Cubecart  >> 3.0.11  Security Vulnerabilities
CVE-2006-4267
Multiple SQL injection vulnerabilities in CubeCart 3.0.11 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) oid parameter in modules/gateway/Protx/confirmed.php and the (2) x_invoice_num parameter in modules/gateway/Authorize/confirmed.php.
CVSS Score
7.5
EPSS Score
0.016
Published
2006-08-21
CVE-2006-4268
Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) file, (2) x, and (3) y parameters in (a) admin/filemanager/preview.php; and the (4) email parameter in (b) admin/login.php.
CVSS Score
6.8
EPSS Score
0.039
Published
2006-08-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved