CubeCart Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2024-34832 - Vulnerability Database
CubeCart Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2024-34832
Critical
Reference:
CVE-2024-34832
Title:
CubeCart Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Overview:
Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute arbitrary code via a crafted file uploaded to the _g and node parameters.