Al Brookbanks Posted January 23, 2017 Share Posted January 23, 2017 A security directory traversal vulnerability has been discovered in all version of CubeCart version 6. CubeCart version 6.1.4 has been release which patches this. We recommend that all merchants upgrade to 6.1.4 or patch their store as soon as possible. Manual Patch: https://github.com/cubecart/v6/commit/8f1ec4e87c58e60e7fd865eabc6a1ab2b721729cDownload: CubeCart-6.1.4.zip We would like to pass on our warm thanks to all the staff at Japan Computer Emergency Response Team (JPCERT) Coordination Center for discovering this issue and for handling it so professionally. Link to comment Share on other sites More sharing options...
Recommended Posts