CVE-2012-0865

Published Feb 21, 2012

Last updated 7 years ago

CVSS info 5.8

Overview

Description: Multiple open redirect vulnerabilities in CubeCart 3.0.20 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) r parameter to switch.php or (2) goto parameter to admin/login.php.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5.8
Impact score: 4.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16AEEEBB-9C7C-4793-A2E3-F575EADE1D87",
            "versionEndIncluding": "3.0.20"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21EE5409-82A4-403C-873C-9D526302D3A9"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88994AE4-5FCF-44D2-B490-5E1659E772CE"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D66AC3A-800E-44C1-AA65-080647982674"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D20B906-A4F2-4645-8FBB-9ACFE4DC7146"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BBC2E6C-ED74-4AE9-A034-4CE6A7E949F2"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3F74BC2-A71F-4F47-AAD0-748C36FAA0DA"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "559DC274-2CD1-4E1A-8795-03B4F811477D"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE67A15A-A80B-4CDC-8008-2C62C8421E30"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4213D073-0B59-400F-8C8D-E45DEDCEC17E"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80E8126B-4B37-4AA9-B024-0E9C7E279888"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A978D9D2-ECB8-46C6-AB51-4DAA69FCA3AE"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65F309AD-3A10-40A6-B780-8716209B1D64"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAD096E3-22DF-462A-811D-E8C819F2F34C"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1535E104-8ED7-44FC-AFE4-A843C4A01F38"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8DB8FDF-DFD7-4E61-A2EB-4AE0B2F4671E"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7AC82B0A-78A6-4418-8B53-2A54A7EB606C"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD325EE4-DCF9-4728-859B-3FB8272017B7"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B45F1872-3EBF-4EEE-8E3F-3AB8F8ACB90E"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F932DDB7-5551-418C-BA64-ADEC2B62371D"
          },
          {
            "criteria": "cpe:2.3:a:cubecart:cubecart:3.0.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67E84998-7E48-46A8-A295-3949C15F989F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References