Family: CGI abuses --> Category: attack
CubeCart SQL injection Vulnerability Scan
Vulnerability Scan Summary
SQL Injection in CubeCart
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP script that is susceptible to a SQL
There is a SQL injection issue in the remote version of CubeCart that
may allow a possible hacker to execute arbitrary SQL statements on the remote
host and to potentially overwrite arbitrary files on the remote system,
by sending a malformed value to the 'cat_id' argument of the file
See also :
Upgrade to CubeCart 2.0.2 or later.
Medium / CVSS Base Score : 5
Click HERE for more information and discussions on this network vulnerability scan.