cubecart / v6

CubeCart Version 6
https://cubecart.com

Security: Arbitrary File Upload Leads to RCE #3570

Status: Closed (abrookbanks closed this issue 5 months ago)

abrookbanks commented 5 months ago

Many thanks to Julio Araujo (@julio-cfa) for disclosing this vulnerability responsibly.

julio-cfa commented 5 months ago

Thank you, @abrookbanks! I appreciate the quick fix.

adrian24dev commented 4 months ago

How can we fix this?

Many thanks to Julio Araujo (@julio-cfa) for disclosing this vulnerability responsibly.

abrookbanks commented 4 months ago

Upgrade to the latest version or apply the code changes in this issue.