Cubecart CVEs & Vulnerabilities
3 CVEs affecting Cubecart products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
3 CVEs→ All vendors
Most Affected Products
cubecart 3
CVE-2026-35496MEDIUM
A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should not be accessible.
17 Apr 2026
5.1
CVSS
CVE-2026-34018CRITICAL
An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product.
17 Apr 2026
9.8
CVSS
CVE-2026-21719HIGH
An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command.
17 Apr 2026
8.6
CVSS
← PrevPage 1 / 1Next →