CubeCart 4 session management bypass leads to administrator access

Release Date: 2009/10/29
Author: Bogdan Calin (bogdan [at] acunetix [dot] com)
Severity: Critical
Vendor Status: Vendor has released an updated version

I. Background

From Wikipedia: CubeCart is a free-to-use eCommerce software solution, designed to allow individuals and businesses to sell tangible and digital goods online. CubeCart is not Open Source software, although full source code is available at no cost, and the custom licensing model allows for customisation of the code
