CVE-2024-33438

File Upload vulnerability in CubeCart before 6.5.5 allows an authenticated user to execute arbitrary code via a crafted .phar file.

More information : https://forums.cubecart.com/topic/59046-cubecart-655-released-minor-security-update/