PT-2015-7607 · Ec Cube · Ec-Cube
Gen Sato
·
Publicado
2015-12-30
·
Atualizado
2015-12-30
·
CVE-2015-7784
CVSS v2.0
4.0
Média
| Vetor | AV:N/AC:L/Au:S/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
EC-CUBE BbAdminViewsControl213 plugin versions prior to 1.1
EC-CUBE BbAdminViewsControl plugin versions prior to 2.1
Description
The issue allows remote authenticated users to execute arbitrary SQL commands.
Recommendations
For EC-CUBE BbAdminViewsControl213 plugin versions prior to 1.1, update to version 1.1 or later.
For EC-CUBE BbAdminViewsControl plugin versions prior to 2.1, update to version 2.1 or later.
Correção
SQL injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ec-Cube