Primary

Context

CubeCart OS Command Injection Vulnerability

Vulnerability

Patched

A command injection vulnerability has been identified in CubeCart versions prior to 6.6.0. This vulnerability allows users with administrative privileges to execute arbitrary operating system commands.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of operating system commands with the privileges of the web server user.

Remediation

Users are advised to update CubeCart to version 6.6.0 or later, where this vulnerability has been addressed.

Added: Apr 17, 2026, 6:23 AM

Updated: Apr 17, 2026, 6:23 AM

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

10.0

exploitability

5.0

remediation

7.7

relevance

6.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

10.0

exploitability

5.0

remediation

7.7

relevance

6.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

CubeCart OS Command Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CubeCart

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating