Description
SQL injection vulnerability in includes/content/cart.inc.php in CubeCart PHP Shopping cart 4.3.4 through 4.3.9 allows remote attackers to execute arbitrary SQL commands via the shipKey parameter to index.php.
Remediation
References
Related Vulnerabilities
Next.js URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-15242)
Moodle Other Vulnerability (CVE-2015-3272)
Oracle HTTP Server Other Vulnerability (CVE-2006-5346)
WordPress Plugin Better Click To Tweet Unspecified Vulnerability (5.1)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4300)