Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Admin CP 404 Error XSS Vulnerability if "admin.php" path is known #2128
Discovered by Zekvan from Netsparker.
A Cross-site Scripting vulnerability is present in recent versions of CubeCart version 6 from 6.2.1 and below potentially delivering a malicious script to the merchants browser.
This vulnerability is only of concern if the admin URL is somehow disclosed to the attacker.