Description
SQL injection vulnerability in includes/content/viewProd.inc.php in CubeCart before 4.3.7 remote attackers to execute arbitrary SQL commands via the productId parameter.
Remediation
References
Related Vulnerabilities
WordPress 4.9.x PHP Object Injection (4.9 - 4.9.17)
Ruby Improper Input Validation Vulnerability (CVE-2013-1821)
WordPress Plugin Translate WordPress-Google Language Translator Cross-Site Scripting (4.0.9)
WordPress Plugin WP Songbook Cross-Site Scripting (2.0.11)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1159)