EC-CUBE is an open source system for creating shopping websites. EC-CUBE version 2.11.2 - 2.17.1 contains an improper access control vulnerability in the administration interface. An attacker could use this vulnerability to change system settings without proper privileges.
CPE | Name | Operator | Version |
---|---|---|---|
LOCKON CO.LTD EC-CUBE >=2.11.2, | le | 2.17.1 |