CVE-2012-0865

CubeCart <3.0.20 - Open Redirect

Title source: llm

Description

Multiple open redirect vulnerabilities in CubeCart 3.0.20 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) r parameter to switch.php or (2) goto parameter to admin/login.php.

Exploits (3)

exploitdb WRITEUP VERIFIED

by Aung Khant · textwebappsphp

https://www.exploit-db.com/exploits/36685

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by Aung Khant · textwebappsphp

https://www.exploit-db.com/exploits/36687

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by Aung Khant · textwebappsphp

https://www.exploit-db.com/exploits/36686

View Code ZIP pw:eip

References (9)

Core 9

Core References

Exploit x_refsource_misc

http://yehg.net/lab/pr0js/advisories/%5Bcubecart_3.0.20_3.0.x%5D_open_url_redirection

Exploit mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2012/02/13/5

Exploit mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2012/02/18/1

Exploit mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2012/02/12/4

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/79140

Exploit mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2012-02/0058.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/79141

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1026711

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/51966

Scores

EPSS 0.1147

EPSS Percentile 93.6%

Details

CWE

CWE-20

Status published

Products (21)

cubecart/cubecart 3.0.0

cubecart/cubecart 3.0.1

cubecart/cubecart 3.0.2

cubecart/cubecart 3.0.3

cubecart/cubecart 3.0.4

cubecart/cubecart 3.0.5

cubecart/cubecart 3.0.6

cubecart/cubecart 3.0.7

cubecart/cubecart 3.0.8

cubecart/cubecart 3.0.9

... and 11 more

Published Feb 21, 2012

Tracked Since Feb 18, 2026