Vulnerabilities > CVE-2004-1580 - SQL Injection vulnerability in Devellion Cubecart 2.0.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in index.php in CubeCart 2.0.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description CubeCart 2.0.1 SQL Injection Vulnerability. Webapps exploit for php platform file exploits/php/webapps/15278.txt id EDB-ID:15278 last seen 2016-02-01 modified 2010-10-18 platform php port published 2010-10-18 reporter X_AviaTique_X source https://www.exploit-db.com/download/15278/ title CubeCart 2.0.1 - SQL Injection Vulnerability type webapps description Brooky CubeCart 2.0.1 SQL Injection Vulnerability. CVE-2004-1580. Webapps exploit for php platform id EDB-ID:24658 last seen 2016-02-02 modified 2004-10-06 published 2004-10-06 reporter Pedro Sanches source https://www.exploit-db.com/download/24658/ title Brooky CubeCart 2.0.1 - SQL Injection Vulnerability
Nessus
| NASL family | CGI abuses |
| NASL id | CUBECART_SQL_INJECTION.NASL |
| description | There is a SQL injection issue in the remote version of CubeCart that could allow an attacker to execute arbitrary SQL statements on the remote host and to potentially overwrite arbitrary files on the remote system, by sending a malformed value to the |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 15442 |
| published | 2004-10-08 |
| reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/15442 |
| title | CubeCart index.php cat_id Parameter SQL Injection |