Ec-cube Sårbarheter

Tidslinje

Förra året

Version

2.12.015
2.12.115
2.12.215
2.11.014
2.11.214

Åtgärd

Official Fix13
Temporary Fix0
Workaround0
Unavailable0
Not Defined40

Utnyttjbarhet

High6
Functional0
Proof-of-Concept1
Unproven0
Not Defined46

Åtkomstvektor

Not Defined0
Physical0
Local0
Adjacent1
Network52

Autentisering

Not Defined0
High1
Low16
None36

Användarinteraktion

Not Defined0
Required26
None27

C3BM Index

Förra året

CVSSv3 Base

≤10
≤20
≤31
≤43
≤521
≤611
≤79
≤87
≤91
≤100

CVSSv3 Temp

≤10
≤20
≤31
≤43
≤522
≤610
≤711
≤85
≤91
≤100

VulDB

≤10
≤20
≤31
≤49
≤517
≤611
≤75
≤810
≤90
≤100

NVD

≤10
≤20
≤31
≤40
≤51
≤65
≤74
≤82
≤93
≤101

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Säljare

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Utnyttja 0-dagars

<1k12
<2k25
<5k15
<10k1
<25k0
<50k0
<100k0
≥100k0

Utnyttja idag

<1k49
<2k2
<5k1
<10k1
<25k0
<50k0
<100k0
≥100k0

Utnyttja marknadsvolymen

Förra året

🔴 CTI Aktiviteter

Affected Versions (97): 1.0, 1.1, 1.1.1, 1.2, 1.3, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.4, 1.4.1, 1.4.2, 1.4.3, 1.4.4, 1.4.5, 1.4.6, 1.4.7, 1.5, 2, 2.0, 2.0.1, 2.1, 2.1.2, 2.1.2a, 2.2, 2.2.1, 2.3, 2.3.1, 2.3.3, 2.3.4, 2.4, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.5, 2.11, 2.11.1, 2.11.2, 2.11.3, 2.11.4, 2.11.5, 2.12, 2.12.1, 2.12.2, 2.12.3, 2.12.3en, 2.12.3enp1, 2.12.3enp2, 2.12.4, 2.12.4en, 2.12.5, 2.12.5en, 2.12.6, 2.12.6en, 2.13, 2.13.1, 2.13.2, 2.13.3, 2.17, 2.17.1, 2.17.2-p1, 3, 3..4, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.11, 3.0.12, 3.0.12-p1, 3.0.13, 3.0.14, 3.0.15, 3.0.16, 3.0.17, 3.0.18, 3.0.18-p2, 3.0.18-p3, 3.0.18-p4, 4, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.5-p1, 4.0.6, 4.1, 4.1.1, 4.1.2

Programvarutyp: E-Commerce Management Software

PubliceradBaseTempSårbarhet0dayI dagUtnRemCTICVE
07/11/20237.67.6EC-CUBE Twig privilegier eskalering$0-$5k$0-$5kNot DefinedNot Defined0.04CVE-2023-46845
17/08/20234.14.1EC-CUBE Management Page cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2023-40281
06/03/20234.44.4EC-CUBE Authentication Key Setting cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-25077
06/03/20234.44.4EC-CUBE/EC-CUBE/and EC-CUBE cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-22838
06/03/20234.44.4EC-CUBE Contents Management cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2023-22438
28/09/20224.44.4EC-CUBE Page cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2022-38975
28/09/20222.72.7EC-CUBE kataloggenomgång$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2022-40199
25/02/20227.37.3EC-CUBE HTTP Header privilegier eskalering$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2022-25355
24/11/20214.34.2EC-CUBE förfalskning på begäran över webbplatsen$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2021-20842
24/11/20216.36.1EC-CUBE System Setting privilegier eskalering$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2021-20841

43 fler poster visas inte

🔒 Login Required

You need to signup and login to see more of the remaining 43 results.

TidigareÖversiktNästa

Interested in the pricing of exploits?

See the underground prices here!