Products
CubeCart
- before 6.5.5
Source
cve@mitre.org
Tags
CVE-2024-33438 details
Published : April 29, 2024, 6:15 p.m.
Last Modified : April 29, 2024, 6:15 p.m.
Last Modified : April 29, 2024, 6:15 p.m.
Description
File Upload vulnerability in CubeCart before 6.5.5 allows an authenticated user to execute arbitrary code via a crafted .phar file.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|
References
| URL | Source |
|---|---|
| https://forums.cubecart.com/topic/59046-cubecart-655-released-minor-security-update/ | cve@mitre.org |
| https://github.com/cubecart/v6 | cve@mitre.org |
| https://github.com/cubecart/v6/commit/31a5ec39b0924b2111fbc3aa419bd8c5c3fc1841 | cve@mitre.org |
| https://github.com/julio-cfa/CVE-2024-33438 | cve@mitre.org |
This website uses the NVD API, but is not approved or certified by it.