Description

Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows remote authenticated attackers to read arbitrary files via unspecified vectors.

Remediation

References

CVE-2017-2098

Related Vulnerabilities

WordPress Plugin RestroPress-Online Food Ordering System Cross-Site Request Forgery (2.8.2)

WordPress Plugin RSS Feed Widget Cross-Site Scripting (2.8.0)

WordPress Plugin GeoDirectory-WordPress Business Directory and Classified Ads Listings SQL Injection (2.2.23)

WordPress Plugin Export customers list csv for WooCommerce, WordPress users csv, export Guest customer list CSV Injection (2.0.68)

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18259)

Severity

Medium

Classification

CVE-2017-2098 CWE-22 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities