cbcvebase.
CVE-2013-1465
published 2013-02-08

Priority: P262
Severity: critical, CVSS 3.1 base score 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Tags: EXPLOIT
EPSS: 7.09% (93.4th percentile)
The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 through 5.2.0 allows remote attackers to unserialize arbitrary PHP objects via a crafted shipping parameter, as demonstrated by modifying the application configuration using the Config object.

Affected

1 range

Vendor: cubecart
Product: cubecart
Version range: 5.0.0 – 5.2.0
Fixed in: (not listed)

Detection & IOCs (extracted from sources)

  • Monitor POST requests containing a 'shipping' parameter with base64url-encoded, serialized PHP object payloads targeting CubeCart's cubecart.class.php
  • Detect PHP object injection attempts via the 'shipping' POST parameter, particularly serialized 'Config' class objects which can abuse the __destruct() method to write arbitrary values to the database
  • Flag HTTP POST requests to CubeCart where the 'shipping' parameter value is base64url-encoded and decodes to a PHP serialized object string (beginning with 'O:' or 'a:' patterns)
  • The vulnerability exists in CubeCart versions 5.0.0 through 5.2.0 only; version 5.2.1 and higher are patched. Detections should be scoped to these affected versions.
  • The attack vector is specifically the 'shipping' POST parameter processed in the _basket method of classes/cubecart.class.php at line 521; detection rules should target this specific file and parameter.
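A defender-side check for the first three detection bullets above (added example here, not code from the CubeCart project or the advisory source): it base64url-decodes the 'shipping' POST parameter and flags values that decode to a PHP serialized object or array, reporting the class name. The request bodies are constructed samples, and 'Config' is the class name the advisory itself calls out.

```python
import base64
import binascii
import re
from typing import Optional
from urllib.parse import parse_qs

# Serialized PHP object ('O:') or array ('a:') prefixes, per the detection notes.
PHP_SERIALIZED_RE = re.compile(rb'^(?:O:\d+:"[A-Za-z_][A-Za-z0-9_\\]*":\d+:\{|a:\d+:\{)')
# Captures the class name of a serialized object so analysts can see e.g. 'Config'.
PHP_OBJECT_CLASS_RE = re.compile(rb'^O:\d+:"([^"]+)"')


def b64url_decode(value: str) -> Optional[bytes]:
    """Decode unpadded base64url; return None when the value is not base64url at all."""
    if not value or not re.fullmatch(r"[A-Za-z0-9_-]+=*", value):
        return None
    if len(value.rstrip("=")) % 4 == 1:  # impossible base64 length (e.g. 'flat_rate')
        return None
    padded = value.rstrip("=") + "=" * (-len(value.rstrip("=")) % 4)
    try:
        return base64.urlsafe_b64decode(padded)
    except (binascii.Error, ValueError):
        return None


def inspect_shipping_param(post_body: str) -> dict:
    """Inspect the 'shipping' field of a form-encoded POST body for PHP object injection."""
    params = parse_qs(post_body, keep_blank_values=True)
    verdict = {"present": False, "suspicious": False, "php_class": None, "reason": ""}
    for raw in params.get("shipping", []):
        verdict["present"] = True
        decoded = b64url_decode(raw)
        if decoded is None or not PHP_SERIALIZED_RE.match(decoded):
            continue  # ordinary shipping ids never decode to a serialized PHP value
        verdict["suspicious"] = True
        m = PHP_OBJECT_CLASS_RE.match(decoded)
        verdict["php_class"] = m.group(1).decode("ascii", "replace") if m else None
        verdict["reason"] = "base64url 'shipping' value decodes to a PHP serialized object/array"
    return verdict


# Constructed sample request bodies (not captured traffic).
SAMPLE_BENIGN_BODY = "shipping=flat_rate&cart_id=42"
SAMPLE_OBJECT_BODY = "shipping=" + base64.urlsafe_b64encode(
    b'O:6:"Config":1:{s:4:"name";s:5:"value";}').decode().rstrip("=")
SAMPLE_ARRAY_BODY = "shipping=" + base64.urlsafe_b64encode(
    b'a:1:{i:0;s:1:"x";}').decode().rstrip("=")

if __name__ == "__main__":
    for body in (SAMPLE_BENIGN_BODY, SAMPLE_OBJECT_BODY, SAMPLE_ARRAY_BODY):
        print(body[:40], "->", inspect_shipping_param(body))
```

Scope the rule to hosts running CubeCart 5.0.0 through 5.2.0 and to POSTs handled by classes/cubecart.class.php, as the later bullets advise, to keep the alert volume down.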

CVSS provenance

NVD, CVSS v3.1: 9.8 CRITICAL (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
NVD, CVSS v2.0: 7.5 HIGH (AV:N/AC:L/Au:N/C:P/I:P/A:P)