Description

SQL injection vulnerability in includes/content/viewProd.inc.php in CubeCart before 4.3.7 remote attackers to execute arbitrary SQL commands via the productId parameter.

Remediation

References

CVE-2009-4060

Related Vulnerabilities

WordPress Plugin SEO SearchTerms Tagging 2 Multiple Vulnerabilities (1.535)

Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7559)

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6610)

Apache Tomcat Other Vulnerability (CVE-2010-3718)

Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8481)

Severity

High

Classification

CVE-2009-4060 CWE-138

Tags

Missing Update Known Vulnerabilities