CVE-2016-1154 in EC-CUBEinfo

Summary

SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

12/25/2015

Disclosure

02/19/2016

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-89

CVSS

8.2

EPSS

0.00878

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-1154
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-1154
CVE Details	https://www.cvedetails.com/cve/CVE-2016-1154/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!