CVE-2026-35496 | CubeCart up to 6.5.x path traversal

April 17, 2026 Yanac

A vulnerability classified as critical has been found in CubeCart up to 6.5.x. This issue affects some unknown processing. This manipulation causes path traversal.

This vulnerability is handled as CVE-2026-35496. The attack can be initiated remotely. There is not any exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More

CVE-2026-21719 | CubeCart up to 6.5.x os command injection
CVE-2026-6483 | Wavlink WL-WN530H4 20220721 /cgi-bin/internet.cgi strcat/snprintf os command injection