Intrusion Prevention

PHP.preview.php.FILE.Parameter.XSS

Description

It indicates a possible exploit of a cross-site scripting vulnerability in CubeCart.

Affected Products

CubeCart CubeCart 3.0.11
CubeCart CubeCart 3.0.7 -pl1
CubeCart CubeCart 3.0.7
CubeCart CubeCart 3.0.6
CubeCart CubeCart 3.0.4
CubeCart CubeCart 3.0.3

Impact

The execution of arbitrary web script or HTML on the system.

Recommended Actions

Upgrade to the latest version of the vulnerable software.

CVE References

CVE-2006-4268