Open Redirect Vulnerability in CubeCart by CubeCart Ltd
CVE-2012-0865

Currently unrated

Key Information:

Vendor

Cubecart

Status
Cubecart
Vendor
CVE Published:
21 February 2012

What is CVE-2012-0865?

Multiple open redirect vulnerabilities exist in CubeCart versions 3.0.20 and earlier, allowing attackers to exploit parameters in URLs. By manipulating the 'r' parameter in switch.php or the 'goto' parameter in admin/login.php, an attacker could redirect unsuspecting users to arbitrary and potentially harmful websites. This poses a significant risk of phishing attacks, wherein malicious actors can deceive users into providing sensitive information. Immediate action should be taken to update to the latest version and mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.openwall.com/lists/oss-security/2012/02/13/5
mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2012/02/18/1
mailing-listx_refsource_MLIST
http://yehg.net/lab/pr0js/advisories/%5Bcubecart_3.0.20_3...
x_refsource_MISC

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.