Vulnerabilities > Cubecart > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-03-31 | CVE-2008-1550 | Cross-Site Scripting vulnerability in Cubecart 4.2.1 Multiple cross-site scripting (XSS) vulnerabilities in index.php in CubeCart 4.2.1 allow remote attackers to inject arbitrary web script or HTML via (1) the _a parameter in a searchStr action and the (2) Submit parameter. | 4.3 |