Vulnerabilities > CVE-2004-1580 - Unspecified vulnerability in Devellion Cubecart 2.0.1

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
devellion
nessus
exploit available

Summary

SQL injection vulnerability in index.php in CubeCart 2.0.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.

Vulnerable Configurations

Part Description Count
Application
Devellion
1

Exploit-Db

  • descriptionCubeCart 2.0.1 SQL Injection Vulnerability. Webapps exploit for php platform
    fileexploits/php/webapps/15278.txt
    idEDB-ID:15278
    last seen2016-02-01
    modified2010-10-18
    platformphp
    port
    published2010-10-18
    reporterX_AviaTique_X
    sourcehttps://www.exploit-db.com/download/15278/
    titleCubeCart 2.0.1 - SQL Injection Vulnerability
    typewebapps
  • descriptionBrooky CubeCart 2.0.1 SQL Injection Vulnerability. CVE-2004-1580. Webapps exploit for php platform
    idEDB-ID:24658
    last seen2016-02-02
    modified2004-10-06
    published2004-10-06
    reporterPedro Sanches
    sourcehttps://www.exploit-db.com/download/24658/
    titleBrooky CubeCart 2.0.1 - SQL Injection Vulnerability

Nessus

NASL familyCGI abuses
NASL idCUBECART_SQL_INJECTION.NASL
descriptionThere is a SQL injection issue in the remote version of CubeCart that could allow an attacker to execute arbitrary SQL statements on the remote host and to potentially overwrite arbitrary files on the remote system, by sending a malformed value to the
last seen2020-06-01
modified2020-06-02
plugin id15442
published2004-10-08
reporterThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/15442
titleCubeCart index.php cat_id Parameter SQL Injection