Lucene search
K

51 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/03/05 3:36 a.m.9 views

EC-CUBE vulnerable to multi-factor authentication bypass

Overview EC-CUBE provided by EC-CUBE CO.,LTD. contains the following vulnerability. Authentication bypass using an alternate path or channel CWE-288 - CVE-2026-30777 EC-CUBE CO.,LTD. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and EC-CUBE CO.,LT...

6.9CVSS5.8AI score0.00339EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.9 views

EC-CUBE 安全漏洞

EC-CUBE is an open-source e-commerce system developed by the Japanese company EC-CUBE. There is a security vulnerability in EC-CUBE, which stems from the possibility of bypassing multi-factor authentication. This vulnerability could allow attackers to access the management page without being...

6.9CVSS5.8AI score0.00339EPSS
Exploits0References2
NVD
NVD
added 2026/02/09 11:16 p.m.8 views

CVE-2026-25958

Cube is a semantic layer for building data applications. From 0.27.19 to before 1.5.13, 1.4.2, and 1.0.14, it is possible to make a specially crafted request with a valid API token that leads to privilege escalation. This vulnerability is fixed in 1.5.13, 1.4.2, and 1.0.14...

7.7CVSS0.00352EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:41 p.m.10 views

CVE-2023-25077

Cross-site scripting vulnerability in Authentication Key Settings of EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0 allows a remote authenticated attacker to inject an arbitrary script...

5.4CVSS6.3AI score0.00558EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-4516

Malware in sbrugna...

4.3CVSS6.1AI score0.01223EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-4517

Malware in sbrugna...

4.3CVSS6.1AI score0.01065EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-4205

Malware in sbrugna...

5CVSS6.4AI score0.01524EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-4518

Malware in sbrugna...

4.3CVSS6.1AI score0.01223EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-4536

Malicious code in bioql PyPI...

6.5CVSS5.7AI score0.00533EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-5245

Malicious code in bioql PyPI...

6.1CVSS5.8AI score0.00655EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-4259

Malicious code in bioql PyPI...

9.1CVSS4.8AI score0.02245EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-4235

Malicious code in bioql PyPI...

8.1CVSS6.3AI score0.02059EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-8157

Malicious code in bioql PyPI...

6.1CVSS6.5AI score0.00754EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-3535

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.02308EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-26600

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00692EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1137

Malicious code in bioql PyPI...

5.3CVSS4.6AI score0.01138EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-51011

Malicious code in bioql PyPI...

7.2CVSS7AI score0.01582EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-26949

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.00538EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/24 9:30 p.m.3 views

Prototype Pollution

Overview node-cube is an a new way to write js in browser Affected versions of this package are vulnerable to Prototype Pollution via the resource initialization process. An attacker can inject properties into the prototype of built-in objects by supplying crafted input, potentially leading to...

6.5CVSS8.3AI score0.00382EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/09/24 9:30 p.m.8 views

@orca-fe/datav-cli (>=2.8.3 <=2.9.4), @shuji-components/sjv-cli (=0.0.3) +4 more potentially affected by CVE-2025-57348 via node-cube (>=0.0.10 <=5.0.0-beta.28)

node-cube NPM version =0.0.10, =2.8.3, =0.0.1, =1.0.2, =1.0.0, =0.0.1, =1.0.9 Source cves: CVE-2025-57348 Source advisory: SNYK:JS-NODECUBE-13109830...

6.5CVSS5.8AI score0.00382EPSS
Exploits0
Rows per page
Query Builder