CVE-2017-2098

MEDIUM

CubeCart <6.1.4 - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows remote authenticated attackers to read arbitrary files via unspecified vectors.

References (3)

Scores

CVSS v3 6.5
EPSS 0.0152
EPSS Percentile 81.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-22
Status published

Affected Products (2)

cubecart/cubecart < 6.1.3
CubeCart Limited/CubeCart < versions prior to 6.1.4

Timeline

Published Apr 28, 2017
Tracked Since Feb 18, 2026