Input validation issue in EC-CUBE Payment Module (2.12) version 3.5.23 and previous versions, EC-CUBE Payment Module (2.11) version 2.3.17 and previous versions, GMO-PG Payment Module (PG Multi-Payment Service) (2.12) version 3.5.23 and previous versions, GMO-PG Payment Module (PG Multi-Payment Service) (2.11) version 2.3.17 and previous versions allows an attacker with administrative rights to execute arbitrary PHP code on the server via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gmo-pg gmo-pg_payment_module |
||
ec-cube ec-cube_payment_module |