ec-cube/ec-cube/.../ec-cube vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the ec-cube/ec-cube package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Improper Input Validation

>=4.0.0, <4.0.6-p5>=4.1.0, <4.1.2-p4>=4.2.0, <4.3.0
  • H
Improper Access Control

>4.0.5-p1, <4.0.6-p1
  • H
Improper Input Validation

>=3.0.5, <4.1-beta2
  • M
Improper Restriction of Rendered UI Layers or Frames

>=3.0.0, <4.1-beta2
  • M
Cross-site Scripting

>=4.0.0, <4.0.6
  • M
Cross-site Scripting

>=3.0.0, <4.0.6
  • M
Cross-site Scripting

>=4.0.0, <4.0.5-p1
  • M
URL Redirection to Untrusted Site ('Open Redirect')

>=3.0.0, <3.0.17
  • M
Cross-site Scripting (XSS)

>=4.0.0, <4.0.6-p3>=4.1.0, <4.1.2-p1>=4.2.0, <4.2.1
  • M
Cross-site Scripting (XSS)

<4.0.6-p3>=4.1.0, <4.1.2-p1>=4.2.0, <4.2.1
  • M
Cross-site Scripting (XSS)

>=4.0.0, <4.0.6-p3>=4.1.0, <4.1.2-p1>=4.2.0, <4.2.1
  • L
Directory Traversal

>=3.0.0, <4.2.0
  • M
Cross-site Scripting (XSS)

>=4.0.0, <4.2.0
  • L
Improper Control of Dynamically-Managed Code Resources

>=4.0-beta, <4.1.2
  • M
Directory Traversal

>=3.0.0, <4.0.4