2 matches found
CVE-2019-6017
The REMISE Payment Module (EC-CUBE), versions 3.0.12 and earlier (2.11–2.13), is affected by CVE-2019-6017, which enables a remote attacker to obtain information from the product due to an information disclosure vulnerability. The vulnerability is documented across multiple sources (NVD/Red Hat/J...
CVE-2019-6016
The CVE-2019-6016 issue affects the REMISE Payment Module for EC-CUBE (versions 3.0.12 and earlier). The root cause is lack of proper validation of client-side data, enabling a Cross-site Scripting (CWE-79) where an arbitrary script could be executed in the web browser of users accessing the prod...