SQL injection vulnerability in LOCKON CO.,LTD. EC-CUBE 2.3.0 and previous versions, 1.4.7 and previous versions, and 1.5.0-beta2 and previous versions; and Community Edition 1.3.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ec-cube ec-cube |
||
ec-cube ec-cube 1.3.4 |