CVE-2006-4267 | Devellion CubeCart up to 3.0.11 confirmed.php x_invoice_num sql injection (EDB-2198 / Nessus ID 22231)
A vulnerability identified as critical has been detected in Devellion CubeCart up to 3.0.11. This impacts an unknown function of the file gateway/Protx/confirmed.php. Performing manipulation of the argument x_invoice_num results in sql injection.
This vulnerability is reported as CVE-2006-4267. The attack is possible to be carried out remotely. Moreover, an exploit is present.