SQL Injection Vulnerability in CubeCart PHP Shopping Cart by CubeCart
CVE-2010-1931

Currently unrated

Key Information:

Vendor

Cubecart

Status
Cubecart
Vendor
CVE Published:
10 June 2010

What is CVE-2010-1931?

A SQL injection vulnerability exists in the CubeCart PHP Shopping Cart within the includes/content/cart.inc.php file. This flaw arises when an attacker exploits the shipKey parameter in index.php, allowing them to execute arbitrary SQL commands on the database. The vulnerability affects multiple versions from 4.3.4 to 4.3.9 and poses a significant risk to the integrity and confidentiality of the application’s data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/40102
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/511735/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://forums.cubecart.com/index.php?showtopic=41469
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.