Session Fixation Vulnerability in CubeCart by CubeCart Ltd.
CVE-2014-2341

Currently unrated

Key Information:

Vendor

Cubecart

Status
Cubecart
Vendor
CVE Published:
22 April 2014

What is CVE-2014-2341?

A session fixation vulnerability exists in CubeCart prior to version 5.2.9, where remote attackers can manipulate the PHPSESSID parameter to hijack user sessions. This flaw enables unauthorized access to user accounts, potentially compromising sensitive information and user data. It is essential for users and administrators of CubeCart to upgrade to the latest version to mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/57856
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/66805
vdb-entryx_refsource_BID
http://forums.cubecart.com/topic/48427-cubecart-529-relased/
x_refsource_CONFIRM

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.