SQL Injection Vulnerability in CubeCart by CubeCart Ltd.
CVE-2009-4060

Currently unrated

Key Information:

Vendor

Cubecart

Status
Cubecart
Vendor
CVE Published:
24 November 2009

What is CVE-2009-4060?

This vulnerability exists due to improper validation of user-supplied data in the productId parameter in the includes/content/viewProd.inc.php file of CubeCart. Remote attackers can exploit this flaw to execute arbitrary SQL commands, potentially compromising the database and exposing sensitive information. Upgrading to version 4.3.7 or later mitigates this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/37065
vdb-entryx_refsource_BID
http://osvdb.org/60306
vdb-entryx_refsource_OSVDB
http://forums.cubecart.com/index.php?showtopic=39900
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.