Max CVSS 7.5 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2006-5107 7.5
Multiple SQL injection vulnerabilities in Devellion CubeCart 2.0.x allow remote attackers to execute arbitrary SQL commands via (1) the user_name parameter in admin/forgot_pass.php, (2) the order_id parameter in view_order.php, (3) the view_doc param
17-10-2018 - 21:41 03-10-2006 - 04:03
CVE-2006-5109 5.0
Devellion CubeCart 2.0.x allows remote attackers to obtain sensitive information via a direct request for (1) link_navi.php or (2) spotlight.php, which reveals the path in various error messages. NOTE: the information.php, language.php, list_docs.ph
17-10-2018 - 21:41 03-10-2006 - 04:03
CVE-2006-5108 6.8
Multiple cross-site scripting (XSS) vulnerabilities in Devellion CubeCart 2.0.x allow remote attackers to inject arbitrary web script or HTML via the order_id parameter in (1) admin/print_order.php and (2) view_order.php; the (3) site_url and (4) la_
17-10-2018 - 21:41 03-10-2006 - 04:03
Back to Top Mark selected
Back to Top