Description

Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute arbitrary code via a crafted file uploaded to the _g and node parameters.

Remediation

References

CVE-2024-34832

Related Vulnerabilities

WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (2.1.5)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5835)

Drupal CVE-2018-7602 Vulnerability (CVE-2018-7602)

WordPress Plugin Content Aware Sidebars-Unlimited Widget Areas Security Bypass (3.8)

Drupal Core Security Bypass (8.0.0 - 9.2.21)

Severity

Critical

Classification

CVE-2024-34832 CWE-22 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities