Lucene search
China National Vulnerability DatabaseCNVD-2022-03133HistoryNov 12, 2021 - 12:00 a.m.
EC-CUBE improper access control vulnerability
2021-11-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.001 Low
EPSS
Percentile
39.6%
EC-CUBE is an open source system for creating shopping websites. EC-CUBE version 2.11.2 - 2.17.1 contains an improper access control vulnerability in the administration interface. An attacker could use this vulnerability to change system settings without proper privileges.
| CPE | Name | Operator | Version |
|---|---|---|---|
| LOCKON CO.LTD EC-CUBE >=2.11.2, | le | 2.17.1 |
Related
cve
cve
CVE-2021-20841
2021-11-24 16:15:13
prion
prion
Improper access control
2021-11-24 16:15:00
osv
osv
EC-CUBE Improper access control in Management screen
2021-11-25 00:00:38
CVE-2021-20841
2021-11-24 16:15:13
nvd
nvd
CVE-2021-20841
2021-11-24 16:15:13
github
github
EC-CUBE Improper access control in Management screen
2021-11-25 00:00:38
cvelist
cvelist
CVE-2021-20841
2021-11-24 08:25:41
jvn
jvn
JVN#75444925: Multiple vulnerabilities in EC-CUBE 2 series
2021-11-11 00:00:00