Ec-cube Vulnerabilità

Sequenza temporale

L'anno scorso

Versione

2.12.0	15
2.12.1	15
2.12.2	15
2.11.0	14
2.11.2	14

Contromisure

Official Fix	13
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	40

Sfruttabilità

High	6
Functional	0
Proof-of-Concept	1
Unproven	0
Not Defined	46

Accesso al vettore

Not Defined	0
Physical	0
Local	0
Adjacent	1
Network	52

Autenticazione

Not Defined	0
High	1
Low	16
None	36

Interazione dell'utente

Not Defined	0
Required	26
None	27

CVSSv3 Base

≤1	0
≤2	0
≤3	1
≤4	3
≤5	21
≤6	11
≤7	9
≤8	7
≤9	1
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	1
≤4	3
≤5	22
≤6	10
≤7	11
≤8	5
≤9	1
≤10	0

VulDB

≤1	0
≤2	0
≤3	1
≤4	9
≤5	17
≤6	11
≤7	5
≤8	10
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	1
≤4	0
≤5	1
≤6	5
≤7	4
≤8	2
≤9	3
≤10	1

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Fornitore

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploiter 0 giorni

<1k	12
<2k	25
<5k	15
<10k	1
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter aujourd'hui

<1k	49
<2k	2
<5k	1
<10k	1
<25k	0
<50k	0
<100k	0
≥100k	0

Affected Versions (97): 1.0, 1.1, 1.1.1, 1.2, 1.3, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.4, 1.4.1, 1.4.2, 1.4.3, 1.4.4, 1.4.5, 1.4.6, 1.4.7, 1.5, 2, 2.0, 2.0.1, 2.1, 2.1.2, 2.1.2a, 2.2, 2.2.1, 2.3, 2.3.1, 2.3.3, 2.3.4, 2.4, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.5, 2.11, 2.11.1, 2.11.2, 2.11.3, 2.11.4, 2.11.5, 2.12, 2.12.1, 2.12.2, 2.12.3, 2.12.3en, 2.12.3enp1, 2.12.3enp2, 2.12.4, 2.12.4en, 2.12.5, 2.12.5en, 2.12.6, 2.12.6en, 2.13, 2.13.1, 2.13.2, 2.13.3, 2.17, 2.17.1, 2.17.2-p1, 3, 3..4, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.11, 3.0.12, 3.0.12-p1, 3.0.13, 3.0.14, 3.0.15, 3.0.16, 3.0.17, 3.0.18, 3.0.18-p2, 3.0.18-p3, 3.0.18-p4, 4, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.5-p1, 4.0.6, 4.1, 4.1.1, 4.1.2

Tipo di software: E-Commerce Management Software

Data di pubblicazione	Base	Temp	Vulnerabilità	0day	Oggi	Sfr	Con	CTI	CVE
07/11/2023	7.6	7.6	EC-CUBE Twig escalazione di privilegi	$0-$5k	$0-$5k	Not Defined	Not Defined	0.04	CVE-2023-46845
17/08/2023	4.1	4.1	EC-CUBE Management Page cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2023-40281
06/03/2023	4.4	4.4	EC-CUBE Authentication Key Setting cross site scripting	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-25077
06/03/2023	4.4	4.4	EC-CUBE/EC-CUBE/and EC-CUBE cross site scripting	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-22838
06/03/2023	4.4	4.4	EC-CUBE Contents Management cross site scripting	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2023-22438
28/09/2022	4.4	4.4	EC-CUBE Page cross site scripting	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-38975
28/09/2022	2.7	2.7	EC-CUBE directory traversal	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-40199
25/02/2022	7.3	7.3	EC-CUBE HTTP Header escalazione di privilegi	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-25355
24/11/2021	4.3	4.2	EC-CUBE cross site request forgery	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2021-20842
24/11/2021	6.3	6.1	EC-CUBE System Setting escalazione di privilegi	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2021-20841

43 non vengono visualizzate più voci

🔒 Login Required

You need to signup and login to see more of the remaining 43 results.

◂ PrecedenteVisione D'insiemeIl prossimo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!

Ec-cube Vulnerabilità

Sequenza temporale

L'anno scorso

Versione

Contromisure

Sfruttabilità

Accesso al vettore

Autenticazione

Interazione dell'utente

C3BM Index

L'anno scorso

CVSSv3 Base

CVSSv3 Temp

VulDB

NVD

CNA

Fornitore

Research

Exploiter 0 giorni

Exploiter aujourd'hui

Sfrutta il volume del mercato

L'anno scorso

🔴 CTI Attività

🔒 Login Required

Might our Artificial Intelligence support you?