EC-CUBE Improper input validation vulnerability

2022-05-2417:35:20

Google

osv.dev

6.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.5%

JSON

Improper input validation vulnerability in EC-CUBE versions from 3.0.5 to 3.0.18 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vector.

CPENameOperatorVersion
ec-cube/ec-cubeeq3.0.9
ec-cube/ec-cubeeq3.0.18
ec-cube/ec-cubeeq3.0.11
ec-cube/ec-cubeeq3.0.12-p1
ec-cube/ec-cubeeq3.0.7
ec-cube/ec-cubeeq3.0.13
ec-cube/ec-cubeeq3.0.17
ec-cube/ec-cubeeq3.0.10
ec-cube/ec-cubeeq3.0.11-RC
ec-cube/ec-cubeeq3.0.12

Name	Operator	Version
ec-cube/ec-cube	eq	3.0.9
ec-cube/ec-cube	eq	3.0.18
ec-cube/ec-cube	eq	3.0.11
ec-cube/ec-cube	eq	3.0.12-p1
ec-cube/ec-cube	eq	3.0.7
ec-cube/ec-cube	eq	3.0.13
ec-cube/ec-cube	eq	3.0.17
ec-cube/ec-cube	eq	3.0.10
ec-cube/ec-cube	eq	3.0.11-RC
ec-cube/ec-cube	eq	3.0.12