cubecart limited

Top products

The 9 most recently published vulnerabilities affecting cubecart limited.

• CVE-2026-35496A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should not be accessible.2.7Apr 17, 2026
• CVE-2026-34018An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product.9.8Apr 17, 2026
• CVE-2026-21719An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command.7.2Apr 17, 2026
• CVE-2023-47675CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command.7.2Nov 17, 2023
• CVE-2023-47283Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to obtain files in the system.4.9Nov 17, 2023
• CVE-2023-42428Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to delete directories and files in the system.6.5Nov 17, 2023
• CVE-2023-38130Cross-site request forgery (CSRF) vulnerability in CubeCart prior to 6.5.3 allows a remote unauthenticated attacker to delete data in the system.8.1Nov 17, 2023
• CVE-2017-2117Directory traversal vulnerability in CubeCart versions prior to 6.1.5 allows attacker with administrator rights to read arbitrary files via unspecified vectors.4.9Apr 28, 2017
• CVE-2017-2098Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows remote authenticated attackers to read arbitrary files via unspecified vectors.6.5Apr 28, 2017