4 matches found
CVE-2023-27919
Authentication bypass vulnerability in NEXT ENGINE Integration Plugin for EC-CUBE 2.0 series all versions allows a remote unauthenticated attacker to alter the information stored in the system...
CVE-2023-27919
Authentication bypass vulnerability in NEXT ENGINE Integration Plugin for EC-CUBE 2.0 series all versions allows a remote unauthenticated attacker to alter the information stored in the system...
CVE-2023-27919
CVE-2023-27919 describes an authentication bypass in the NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series) , affecting all versions. The vulnerability allows a remote unauthenticated attacker to alter information stored in the system. The provided documents do not include a published fix or...
EC-CUBE plugin "NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series)" vulnerable to authentication bypass
Overview EC-CUBE plugin "NEXT ENGINE Integration Plugin for EC-CUBE 2.0 series" provided by NE Inc. contains an authentication bypass vulnerability CWE-287. TSUKADA Nobuhisa of Seasoft reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...