The number one free & open source eCommerce system.
"One of the best and easiest shopping carts to use ever. I have tried a couple for my business but this is by far the best. Support is second to none."Ernie
CubeCart Screenshots
  • Open Source

    CubeCart is 100% free and completely customisable.
  • Extend

    A plethora of extensions are available from payment gateways to shipping calculators.
  • Technical Support

    Professional technical support is available directly from our developers.

Hosted

Get an instant CubeCart hosted store free for 14 days.
No risk, and no credit card required.

CubeCart Hosted - 1 month free!

Download

Self manage on 3rd party Linux web hosting.
License: GPL 3.0 • GitHub: cubecart/v6

Download 6.5.3

What is CubeCart?

Whether you are a retailer looking for an online store or a webmaster seeking an ecommerce solution for a client… CubeCart is a powerful free ecommerce solution enabling thousands of merchants globally to sell digital or physical products online.


Latest News

CubeCart 6.5.3 Released - Security Update

Many thanks to Gen Sato from Mitsui Bussan Secure Directions, Inc. for responsibly reporting a number of security issues found in all version of CubeCart up to 6.5.3. Please note that these vulnerabilities are executable if a bad actor has authenticated into the back end of the victims store.

Vulnerabilities

  1. Directory traversal (any file download) - GitHub Issue #3410 
  2. Directory traversal (deletion of arbitrary files and directories) - GitHub Issue #3409
  3. CSRF bypassing CSRF token checks - GitHub Issue #3408
  4. OS Command Injection - This vulnerability concerns the ability for the Smarty template engine to be able to execute dangerous functions.

    e.g. 
    {system('echo ^<?php phpinfo(); > C:/xampp/htdocs/testout.php')}

    No patch has been created for this vulnerability but instead we strongly recommend disabling dangerous PHP functions as recommended by our free CubeCart Security Suite. We suggest disabling the following PHP functions with your php.ini file then restarting the web server. 

    disable_functions = exec, system, passthru, pcntl_exec, popen, proc_open, shell_exec

This release also patches a number of other maintenance updates

Upgrading to 6.5.3 is highly recommended. If for some reason you are unable to upgrade to this version it is possible to find the code patches for each vulnerability within each GitHub issue above. If you require help, technical support is available. 

Download: CubeCart-6.5.3.zip

 

Permalink | 30th October 2023 10:40


CubeCart 6.5.2 Released

We are pleased to announce the release of 6.5.2.

What's New?

#3304 Back-office 404 log. Discover external URL's that have no destination and use the existing redirect tool to fix them.
#3131 Back-office category list now shows product count.
#3229 Escape key now closes back office search pull out.
#3243 Memory added to back office list size (Products, Orders, Customers).
#3275 Administrator log to show more detailed info. e.g. The item that was edited.
#3299 Improved back office request log layout with header logging.
#3331 "Save & Reload" button added to category edit add/page.
#3332 Google Universal Analytics removed in favour of new extension.
#3346 Back-office customer list to show their chosen language.
#3347 hCaptcha officially supported as an alternative to Google reCAPTCHA. This requires skin updates.
#3348 Back-office now logs actions of cleaning subscriber log.

See all 112 closed issues for this version. 

Download: CubeCart-6.5.2.zip

Need help upgrading or require official technical support? Find out more at https://www.cubecart.com/technical-support

Permalink | 1st September 2023 15:53


Apple Pay and other new features are now available with PayPal Commerce!

With advanced features of the latest PayPal integration, you can accept PayPal, Pay Later, and Venmo* — plus Apple Pay®**, local payment methods from around the world, and process all major credit and debit cards.

Offer Apple Pay®**:
Apple Pay® is a fast, simple, and secure way to pay in millions of places online and in-store. It’s built into Apple Wallet® and available on eligible Apple® devices.

Save payment details:
Automatically save customer card, billing, and shipping info for a fast, convenient checkout experience. This feature means returning shoppers don't have to re-enter payment information on future purchases — making for a simpler checkout that can help drive conversion.

Real-time account updater services:
When a replacement card is issued to a customer, real-time account updater services automatically update that new card information on the backend and helps reduce chances you’ll miss a sale due to customer stolen, lost, or expired cards.

Get more transparency with IC++ (US Only):
Interchange Plus Plus (IC++) is a pricing model that credit card processors use to calculate the fees associated with each transaction. Compared to flat-rate pricing, IC++ offers an added layer of transparency for eligible merchants. Learn more about IC++.

Competitive transaction fees:
Card processing fees that are competitively priced for the marketplace.  Apple Pay® does not charge any additional fees.

How to enable ApplePay in CubeCart
Install our free PayPal Commerce extension. From the extension configuration page, check the box next to Apple Pay. Follow the instructions from there to enable Apple Pay.


* Venmo only available for US consumers.
** Apple, Apple Pay, and Apple Wallet are registered trademarks of Apple Inc.

Permalink | 23rd August 2023 09:18


CubeCart 6.5 Released - Featuring Search-as-you-type (Powered by Elasticsearch)

We are very excited to announce the release of CubeCart 6.5. 

After huge demand for improved search this version features a totally new search engine powered by Elasticsearch. This will allow your customers to locate products faster and with more relevance. An interactive search-as-you-type tool allows for immediate product access (see video below).

Elasticsearch is included as standard with official CubeCart Hosting and our staff will make any code changes necessary for it to work with custom or 3rd party skins. Alternatively please contact your hosting company to check for Elasticsearch availability. For more information talk to us at [email protected].

Download: CubeCart-6.5.0.zip
Download: CubeCart-6.5.1.zip

Developer Notes: 
For those using a custom or 3rd party skins Elasticsearch will need coding. The following attached document picks out the HTML, CSS and JS changes required. Please note that we can offer this service under our technical support services and to new and existing CubeCart hosted merchants.
6.5 - Elasticsearch Skin Changes.html

 

Permalink | 28th March 2023 14:17


Are you still using an old version PayPal? How to check and why you need to upgrade..

Am I using an old version?

Many CubeCart merchants are still using old PayPal integrations. To check please login to the back office of your store. Go to Manage Extensions and look for PayPal Commerce. If your PayPal integration has a different name then it's time to upgrade.

large_PayPalUK_Migration_Email_Branded_Checkout_Image_Partner.png


The new PayPal integration offers, Pay in 3, debit and credit cards,
and a better checkout experience for your customers. It’s free and easy to setup.


Great new features - No additional cost.


Includes Pay in 3 at no additional cost.
With Pay in 31, your customers can pay over time, while you get paid up front.

Comes with Venmo and NextGen appeal (US only)
Venmo users spend 2X more annually on online purchases then other online buyers.2 And it's a popular payment option for Millennial and Gen Z shoppers.3

Add credit and debit card processing.
Accept all major credit and debit cards, even if your customers don’t have accounts with PayPal. Keep the entire checkout flow on your site for a seamless shopping experience. 

Improved checkout to help grow sales.
We streamlined the checkout process to help speed up customer transaction times and reduce cart abandonment — especially for those on mobile.

Accept country-specific payment methods. 
Offer your international customers their preferred payment options to help drive conversion. 

AI fraud detection.
Our AI software helps protect your business against fraud and evolving cyber threats to promote peace of mind for your business and customers.

Did we mention it’s free?
This free PayPal update is already available for your CubeCart store. Simply install the PayPal Commerce extension found at https://www.cubecart.com/extensions/plugins/paypal-commerce by following the instructions in the Documentation tab. Once connected your old PayPal integrations should be disabled automatically. 

To check they have been disabled please login to the back office of your store and got to Manage Extensions. From here please ensure that the checkbox next to each of the old PayPal extensions is unchecked. There should only be one PayPal extension enabled, PayPal Commerce. 

Update Now

 

1 Pay in 3 availability is subject to merchant status and integration. Consumer eligibility is subject to status and approval. Pay in 3 is a form of credit, may not be suitable for everyone and use may affect consumer’s credit scores. See product terms for more details.

2 50% of Venmo users are more likely to have a high household income than online payment users overall. Source: Statista Global Consumer Survey as on July 2020. The target population are internet users in U.S. between 18 and 64 years of age.

3 Venmo is a popular payment option for Millennial and Gen Z shoppers. Source: Statista Global Consumer Survey of 682 Venmo users, July 2020. The target population is internet users in the U.S. between 18 and 64 years of age.
 

Permalink | 9th March 2023 10:28

  • BarclayCard Partner Logo
  • Chronopay Logo
  • eWay Logo
  • Nochex Logo
  • Skrill Logo
  • PayPoint.net Logo
  • Payment Sense Logo
  • PayPal Partner Logo
  • PayVector Logo
  • SagePay Partner Logo
  • Total Web Solutions Logo
  • Worlday Logo