CubeCart versions 3.0.11 and below "x_invoice_num" blind SQL injection / admin credentials disclosure exploit.
5e9a928c7148b01b50cad53afece6f67472f69766063fd0ca94325e988350bad
CubeCart versions 3.0.11 and below "oid" blind SQL injection / admin credentials disclosure exploit.
b0668df87bb7d60eceafe98ac84e2fe759a486ec5184e33da418856352982331
CubeCart versions 3.0.11 and below suffer from cross site scripting flaws.
fd87e86a0f7bedddd0d3276475643923cdef6f516abe98d1222d6d97efeb0050