CVE-2026-34018

MEDIUM CVSS 6.3 View on NVD ↗

An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product.

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Published: Apr 17, 2026 06:16 UTC Modified: Apr 17, 2026 15:08 UTC