Database Search
Results 1-61 of 61 | 1 |
ID | Title | CVSSv3 | CVSSv2 | Date Public |
Date Last Updated |
---|---|---|---|---|---|
JVNDB-2023-000107 (JVN#29195731) |
EC-CUBE 3 series and 4 series vulnerable to arbitrary code execution | 7.2 | 6.5 | 2023/11/07 | 2023/11/07 |
JVNDB-2023-000082 (JVN#46993816) |
EC-CUBE 2 series vulnerable to cross-site scripting | 4.8 | 2.1 | 2023/08/17 | 2024/03/25 |
JVNDB-2023-000038 (JVN#50862842) |
EC-CUBE plugin "NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series)" vulnerable to authentication bypass | 5.3 | 5.0 | 2023/04/19 | 2023/04/19 |
JVNDB-2023-000019 (JVN#04785663) |
Multiple cross-site scripting vulnerabilities in EC-CUBE | 5.4 | 3.5 | 2023/02/28 | 2023/02/28 |
JVNDB-2022-000073 (JVN#21213852) |
Multiple vulnerabilities in EC-CUBE | 2.7 | 4.0 | 2022/09/15 | 2022/09/21 |
JVNDB-2022-000072 (JVN#30900552) |
EC-CUBE plugin "Product Image Bulk Upload Plugin" vulnerable to insufficient verification in uploading files | 6.3 | 5.1 | 2022/09/15 | 2022/09/15 |
JVNDB-2022-000034 (JVN#46241173) |
EC-CUBE plugin "Easy Blog for EC-CUBE4" vulnerable to cross-site request forgery | 4.3 | 2.6 | 2022/05/13 | 2022/05/13 |
JVNDB-2022-000015 (JVN#53871926) |
EC-CUBE improperly handles HTTP Host header values | 3.1 | 2.6 | 2022/02/22 | 2022/02/22 |
JVNDB-2022-000013 (JVN#67108459) |
EC-CUBE plugin "Mail Magazine Management Plugin" vulnerable to cross-site request forgery | 3.1 | 2.6 | 2022/02/22 | 2022/02/22 |
JVNDB-2021-000100 (JVN#75444925) |
Multiple vulnerabilities in EC-CUBE 2 series | 4.3 | 4.0 | 2021/11/11 | 2021/11/11 |
JVNDB-2021-000083 (JVN#23406150) |
EC-CUBE plugin "Order Status Batch Change Plug-in" vulnerable to cross-site scripting | 6.1 | 4.3 | 2021/09/16 | 2021/09/16 |
JVNDB-2021-000082 (JVN#46313661) |
EC-CUBE plugin "List (order management) item change plug-in" vulnerable to cross-site scripting | 6.1 | 4.3 | 2021/09/13 | 2021/09/13 |
JVNDB-2021-000059 (JVN#57942445) |
EC-CUBE fails to restrict access permissions | 7.5 | 5.0 | 2021/07/01 | 2021/07/01 |
JVNDB-2021-000057 (JVN#95292458) |
Multiple cross-site scripting vulnerabilities in EC-CUBE | 6.1 | 2.6 | 2021/06/23 | 2021/06/23 |
JVNDB-2021-000051 (JVN#57524494) |
Multiple cross-site scripting vulnerabilities in multiple EC-CUBE plugins provided by EC-CUBE | 7.1 | 6.8 | 2021/06/16 | 2021/06/16 |
JVNDB-2021-000049 (JVN#79254445) |
Multiple ETUNA EC-CUBE plugins vulnerable to cross-site scripting | 6.1 | 4.3 | 2021/06/15 | 2021/06/16 |
JVNDB-2021-000035 (JVN#97554111) |
EC-CUBE vulnerable to cross-site scripting | 7.1 | 6.8 | 2021/05/10 | 2021/05/10 |
JVNDB-2020-000080 (JVN#24457594) |
Multiple vulnerabilities in EC-CUBE | 5.3 | 5.0 | 2020/12/03 | 2020/12/03 |
JVNDB-2020-000039 (JVN#77458946) |
EC-CUBE vulnerable to directory traversal | 4.3 | 3.5 | 2020/06/18 | 2020/06/18 |
JVNDB-2019-000063 (JVN#59436681) |
Multiple vulnerabilities in EC-CUBE module "REMISE Payment module (2.11, 2.12 and 2.13)" | 5.3 | 5.0 | 2019/10/07 | 2019/10/07 |
JVNDB-2019-000051 (JVN#29343839) |
EC-CUBE plugin "Amazon Pay Plugin 2.12,2.13" vulnerable to cross-site scripting | 6.1 | 2.6 | 2019/08/07 | 2019/08/07 |
JVNDB-2018-000127 (JVN#25359688) |
EC-CUBE vulnerable to open redirect | 4.7 | 2.6 | 2018/11/28 | 2019/08/28 |
JVNDB-2018-000086 (JVN#06372244) |
Multiple vulnerabilities in EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Payment Service) for EC-CUBE | 3.8 | 3.5 | 2018/08/09 | 2018/08/09 |
JVNDB-2018-000035 (JVN#52695336) |
EC-CUBE vulnerable to session fixation | 4.2 | 5.8 | 2018/04/17 | 2018/08/22 |
JVNDB-2016-000130 (JVN#40696431) |
EC-CUBE plugin "Coupon Plugin" vulnerable to SQL injection | 6.5 | 6.4 | 2016/07/22 | 2016/08/04 |
JVNDB-2016-000057 (JVN#63384827) |
Multiple shiro8 Co., Ltd. freearea_ addition_plugins for EC-CUBE vulnerable to cross-site scripting | 6.1 | 2.6 | 2016/04/26 | 2016/05/25 |
JVNDB-2016-000053 (JVN#73776243) |
EC-CUBE vulnerable to cross-site request forgery | 4.3 | 2.6 | 2016/04/26 | 2016/05/31 |
JVNDB-2016-000052 (JVN#11458774) |
EC-CUBE fails to restrict access permissions | 5.4 | 5.5 | 2016/04/26 | 2016/05/31 |
JVNDB-2016-000051 (JVN#47473944) |
EC-CUBE fails to restrict access permissions | 5.3 | 5.0 | 2016/04/26 | 2016/05/31 |
JVNDB-2016-000048 (JVN#78482127) |
EC-CUBE plugin "Social-button Plugin Premium" and "Social-button Plugin" vulnerable to cross-site scripting | 6.1 | 4.3 | 2016/04/08 | 2016/05/06 |
JVNDB-2016-000027 (JVN#31524757) |
EC-CUBE plugin "Help plug-in" vulnerable to SQL injection | 7.3 | 7.5 | 2016/02/19 | 2016/03/03 |
JVNDB-2015-000190 (JVN#55545372) |
EC-CUBE plugin BbAdminViewsControl vulnerable to SQL injection | 5.4 | 5.5 | 2015/12/03 | 2016/07/07 |
JVNDB-2015-000166 (JVN#97278546) |
EC-CUBE vulnerable to cross-site request forgery | - | 5.1 | 2015/10/26 | 2015/11/13 |
JVNDB-2014-000006 (JVN#51770585) |
EC-CUBE vulnerable to authorization bypass | - | 5.0 | 2014/01/22 | 2024/03/28 |
JVNDB-2014-000005 (JVN#17849447) |
EC-CUBE vulnerable to information alteration | - | 5.0 | 2014/01/22 | 2014/01/27 |
JVNDB-2013-000107 (JVN#06377589) |
EC-CUBE vulnerable to cross-site scripting | - | 4.3 | 2013/11/20 | 2013/11/22 |
JVNDB-2013-000106 (JVN#55630933) |
EC-CUBE information disclosure vulnerability | - | 5.5 | 2013/11/20 | 2013/11/22 |
JVNDB-2013-000105 (JVN#38790987) |
EC-CUBE vulnerable to cross-site scripting | - | 2.6 | 2013/11/20 | 2013/11/22 |
JVNDB-2013-000104 (JVN#61077110) |
EC-CUBE vulnerable to information disclosure | - | 4.3 | 2013/11/20 | 2013/11/22 |
JVNDB-2013-000098 (JVN#06870202) |
EC-CUBE information disclosure vulnerability | - | 5.0 | 2013/11/20 | 2013/11/22 |
JVNDB-2013-000097 (JVN#11221613) |
EC-CUBE vulnerable to cross-site request forgery | - | 2.6 | 2013/11/20 | 2013/11/22 |
JVNDB-2013-000081 (JVN#15973066) |
EC-CUBE vulnerable to directory traversal when used in Windows | - | 5.0 | 2013/08/30 | 2013/09/02 |
JVNDB-2013-000065 (JVN#04161229) |
EC-CUBE vulnerable to directory traversal | - | 5.0 | 2013/06/27 | 2013/07/02 |
JVNDB-2013-000064 (JVN#98665228) |
EC-CUBE vulnerable to cross-site scripting | - | 2.6 | 2013/06/27 | 2013/07/02 |
JVNDB-2013-000063 (JVN#07192063) |
EC-CUBE vulnerable to cross-site scripting | - | 4.3 | 2013/06/27 | 2013/07/02 |
JVNDB-2013-000062 (JVN#34900750) |
EC-CUBE vulnerable to code injection | - | 7.5 | 2013/06/27 | 2013/07/02 |
JVNDB-2013-000061 (JVN#43886811) |
EC-CUBE vulnerable to directory traversal | - | 5.0 | 2013/06/27 | 2013/07/02 |
JVNDB-2013-000044 (JVN#39699406) |
EC-CUBE vulnerable to information disclosure as a result of improper input checking | - | 5.0 | 2013/05/23 | 2013/05/23 |
JVNDB-2013-000043 (JVN#45306814) |
EC-CUBE fails to restrict access permissions | - | 6.4 | 2013/05/23 | 2013/06/03 |
JVNDB-2013-000042 (JVN#00985872) |
EC-CUBE vulnerable to session fixation | - | 4.0 | 2013/05/23 | 2013/05/23 |
JVNDB-2013-000041 (JVN#52552792) |
EC-CUBE vulnerable to cross-site scripting | - | 4.3 | 2013/05/23 | 2013/05/23 |
JVNDB-2011-000087 (JVN#44496332) |
EC-CUBE vulnerable to SQL injection | - | 5.0 | 2011/10/14 | 2011/10/14 |
JVNDB-2011-000029 (JVN#37878530) |
EC-CUBE vulnerable to cross-site request forgery | - | 2.6 | 2011/05/10 | 2011/05/11 |
JVNDB-2011-000011 (JVN#84393059) |
EC-CUBE vulnerable to cross-site scripting | - | 4.3 | 2011/02/02 | 2011/02/02 |
JVNDB-2009-000078 (JVN#79762947) |
EC-CUBE information disclosure vulnerability | - | 5.0 | 2009/12/07 | 2009/12/07 |
JVNDB-2008-000075 (JVN#19072922) |
EC-CUBE vulnerable to SQL injection | - | 7.5 | 2008/11/06 | 2009/06/25 |
JVNDB-2008-000065 (JVN#81111541) |
EC-CUBE vulnerable to SQL injection | - | 7.5 | 2008/10/01 | 2008/10/01 |
JVNDB-2008-000064 (JVN#99916563) |
EC-CUBE cross-site scripting vulnerability | - | 4.3 | 2008/10/01 | 2008/10/01 |
JVNDB-2008-000063 (JVN#36085487) |
EC-CUBE cross-site scripting vulnerability | - | 4.3 | 2008/10/01 | 2008/10/01 |
JVNDB-2008-000062 (JVN#26621646) |
EC-CUBE cross-site scripting vulnerability | - | 4.3 | 2008/10/01 | 2008/10/01 |
JVNDB-2006-000781 (JVN#61543834) |
EC-CUBE cross-site scripting vulnerability | - | 4.3 | 2006/11/17 | 2008/05/21 |
Results 1-61 of 61 | 1 |