This host is installed with CubeCart and is prone to multiple vulnerabilities.

Successful exploitation will allow remote attackers to execute arbitrary web script or HTML in a user's browser session in the context of an affected site and manipulate SQL queries by injecting arbitrary SQL code. Impact Level: Application

Upgrade to CubeCart version 5.0 or later, For updates refer to http://www.cubecart.com

Inputs passed via multiple parameters to 'index.php', 'cart.php' and Admin Interface is not properly sanitised before it is returned to the user.

CubeCart version 3.0.x through 3.0.20

• http://packetstormsecurity.org/files/119041
• http://seclists.org/bugtraq/2012/Dec/128
• http://seclists.org/fulldisclosure/2012/Dec/233
• http://seclists.org/fulldisclosure/2012/Dec/234
• http://www.osvdb.org/88690
• http://www.osvdb.org/88691

---

Updated on 2015-03-25