CVE-2026-35496

· NIST NVD ↗

A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should not be accessible.

LOW
CVSS severity
2.7
CVSS base score
2026-04-17
Published

CWE codes

CWE-22

Affected products

cubecart:cubecart

Sources