Cross-site scripting vulnerability in ETUNA EC-CUBE plugins (Delivery slip number plugin (3.0 series) 1.0.10 and previous versions, Delivery slip number csv bulk registration plugin (3.0 series) 1.0.8 and previous versions, and Delivery slip number mail plugin (3.0 series) 1.0.8 and previous versions) allows remote malicious users to inject an arbitrary script by executing a specific operation on the management page of EC-CUBE.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ec-cube delivery slip number |
||
ec-cube delivery slip number csv bulk registration |
||
ec-cube delivery slip number mail |