Known Vulnerabilities for products from EC-CUBE CO.LTD.

Listed below are 4 of the newest known vulnerabilities associated with the vendor "EC-CUBE CO.LTD.".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2021-20842 Cross-site request forgery (CSRF) vulnerability in EC-CUBE 2 series 2.11.0 to 2.17.1 allows a remote attacker to hijack the a... 6.5 - MEDIUM 2021-11-24 2021-11-24
CVE-2021-20841 Improper access control in Management screen of EC-CUBE 2 series 2.11.2 to 2.17.1 allows a remote authenticated attacker to b... 6.5 - MEDIUM 2021-11-24 2021-11-24
CVE-2021-20828 Cross-site scripting vulnerability in Order Status Batch Change Plug-in (for EC-CUBE 3.0 series) all versions allows a remote... 6.1 - MEDIUM 2021-09-17 2021-09-17
CVE-2021-20825 Cross-site scripting vulnerability in List (order management) item change plug-in (for EC-CUBE 3.0 series) Ver.1.1 and earlie... 6.1 - MEDIUM 2021-09-17 2021-09-17

Popular searches for "EC-CUBE CO.LTD."

コントローラー | EC-CUBE 3.0 開発ドキュメント

doc.ec-cube.net/plugin_bp_controller

@ < | EC-CUBE 3.0 Tags: plugin 2021 EC-CUBE co,.ltd..

Application software Plug-in (computing) Tag (metadata) Hypertext Transfer Protocol World Wide Web URL HTTP cookie All rights reserved System administrator Symfony Mobile app GitHub Namespace Web API Splashtop OS Mount (computing) European Commission Authorization Form (HTML) Component video

エンティティ、リポジトリ | EC-CUBE 3.0 開発ドキュメント

doc.ec-cube.net/plugin_bp_db

C-CUBE 3.0 Category plg profile Tags: plugin 2021 EC-CUBE co,.ltd..

Application software Plug-in (computing) Tag (metadata) SGML entity World Wide Web Software repository HTTP cookie All rights reserved Nullable type GitHub Signedness Mobile app Subroutine Web API Customer Splashtop OS Repository (version control) European Commission Authorization Vendor