Family: CGI abuses : XSS --> Category: infos
CubeCart settings.inc.php Cross-Site Scripting and Path Disclosure Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks version of CubeCart
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP application that is affected by
According to its banner, the version of CubeCart installed on the
remote host suffers from multiple cross-site scripting and path
disclosure vulnerabilities due to a failure to sanitize user input in
'admin/settings.inc.php', which is used by various scripts.
See also :
Upgrade to CubeCart 2.0.6 or later.
Low / CVSS Base Score : 2
Click HERE for more information and discussions on this network vulnerability scan.