CVE-2017-2117
MEDIUMCubeCart <6.1.5 - Path Traversal
Title source: llmDescription
Directory traversal vulnerability in CubeCart versions prior to 6.1.5 allows attacker with administrator rights to read arbitrary files via unspecified vectors.
Scores
CVSS v3
4.9
EPSS
0.0173
EPSS Percentile
82.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Classification
CWE
CWE-22
Status
published
Affected Products (2)
cubecart/cubecart
< 6.1.4
CubeCart Limited/CubeCart
< versions prior to 6.1.5
Timeline
Published
Apr 28, 2017
Tracked Since
Feb 18, 2026