jetlib.sec » Bugtraq » CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability [Updated]

Feeds

132972 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

Bugtraq

• February 20, 2012
• 

  CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability [Updated]

  Posted: February 20th, 2012, 8:37am PST

  Tags:   

  Posted by YGN Ethical Hacker Group on Feb 20

  1. OVERVIEW
  
  The CubeCart 3.0.20 and lower versions are vulnerable to Open URL Redirection.
  
  2. BACKGROUND
  
  CubeCart is an "out of the box" ecommerce shopping cart software
  solution which has been written to run on servers that have PHP &
  MySQL support. With CubeCart you can quickly setup a powerful online
  store which can be used to sell digital or tangible products to new
  and existing customers all over the world.
  
  3. VULNERABILITY...