QwikSec

Security Database

CVE

CWE

Training

CVE-2006-5107

Published: Oct 2, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple SQL injection vulnerabilities in Devellion CubeCart 2.0.x allow remote attackers to execute arbitrary SQL commands via (1) the user_name parameter in admin/forgot_pass.php, (2) the order_id parameter in view_order.php, (3) the view_doc parameter in view_doc.php, and (4) the order_id parameter in admin/print_order.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20060926 CubeCart Multiple input Validation vulnerabilities

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_BID

cubecart-multiple-sql-injection(29176)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SREASON

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.