Lucene search
K

EUVD-2023-51011

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType 
euvd
 euvd
🔗 euvd.enisa.europa.eu👁 4 Views

Arbitrary code execution vulnerability in EC-CUBE 3 and 4 series due to Twig settings errors.

Related
Affected
Refs
ReporterTitlePublishedViews
Family
CNNVD
EC-CUBE Security Vulnerability
7 Nov 202300:00
cnnvd
CVE
CVE-2023-46845
7 Nov 202307:39
cve
Cvelist
CVE-2023-46845
7 Nov 202307:39
cvelist
Japan Vulnerability Notes
JVN#29195731: EC-CUBE 3 series and 4 series vulnerable to arbitrary code execution
7 Nov 202300:00
jvn
Japan Vulnerability Notes
EC-CUBE 3 series and 4 series vulnerable to arbitrary code execution
7 Nov 202304:47
jvn
NVD
CVE-2023-46845
7 Nov 202308:15
nvd
OSV
CVE-2023-46845
7 Nov 202307:39
osv
Prion
Remote code execution
7 Nov 202308:15
prion
Positive Technologies
PT-2023-30241 · Ec Cube +1 · Ec-Cube +1
7 Nov 202300:00
ptsecurity
Vulnrichment
CVE-2023-46845
7 Nov 202307:39
vulnrichment
Rows per page
[
  {
    "enisaIdVendor": [
      {
        "id": "12a52066-e3b0-3ff2-bc76-36e9e424428a",
        "vendor": {
          "name": "EC-CUBE CO.,LTD."
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1f9a7c53-3d78-30e4-9caa-f82ea29a4cd1",
        "product": {
          "name": "EC-CUBE 4 series"
        },
        "product_version": "4.0.0 to 4.0.6-p3"
      },
      {
        "id": "603a6925-597c-3eb7-bf63-feaf80ab0c82",
        "product": {
          "name": "EC-CUBE 3 series"
        },
        "product_version": "3.0.0 to 3.0.18-p6"
      },
      {
        "id": "8e09a9b7-6edf-3b9d-a9bd-05634e919051",
        "product": {
          "name": "EC-CUBE 4 series"
        },
        "product_version": "and 4.2.0 to 4.2.2"
      },
      {
        "id": "f47ee179-8c92-328c-9cc4-25e5764f42b8",
        "product": {
          "name": "EC-CUBE 4 series"
        },
        "product_version": "4.1.0 to 4.1.2-p2"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

03 Oct 2025 20:07Current
7High risk
Vulners AI Score7
CVSS 3.17.2
EPSS0.01582
SSVC
4