CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-4991

SQL injection vulnerability in LOCKON CO.,LTD. EC-CUBE 2.3.0 and earlier, 1.4.7 and earlier, and 1.5.0-beta2 and earlier; and Community Edition 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.5%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2008-4991

Ec-Cube » Ec-Cube » Version: Any

cpe:2.3:a:ec-cube:ec-cube:*
Ec-Cube » Ec-Cube » Version: 1.1.1

cpe:2.3:a:ec-cube:ec-cube:1.1.1
Ec-Cube » Ec-Cube » Version: 1.2.0

cpe:2.3:a:ec-cube:ec-cube:1.2.0
Ec-Cube » Ec-Cube » Version: 1.3.0

cpe:2.3:a:ec-cube:ec-cube:1.3.0
Ec-Cube » Ec-Cube » Version: 1.3.1

cpe:2.3:a:ec-cube:ec-cube:1.3.1
Ec-Cube » Ec-Cube » Version: 1.3.2

cpe:2.3:a:ec-cube:ec-cube:1.3.2
Ec-Cube » Ec-Cube » Version: 1.3.3

cpe:2.3:a:ec-cube:ec-cube:1.3.3
Ec-Cube » Ec-Cube » Version: 1.3.4

cpe:2.3:a:ec-cube:ec-cube:1.3.4
Ec-Cube » Ec-Cube » Version: 1.4.1

cpe:2.3:a:ec-cube:ec-cube:1.4.1
Ec-Cube » Ec-Cube » Version: 1.4.2

cpe:2.3:a:ec-cube:ec-cube:1.4.2
Ec-Cube » Ec-Cube » Version: 1.4.3

cpe:2.3:a:ec-cube:ec-cube:1.4.3
Ec-Cube » Ec-Cube » Version: 1.4.4

cpe:2.3:a:ec-cube:ec-cube:1.4.4
Ec-Cube » Ec-Cube » Version: 1.4.6

cpe:2.3:a:ec-cube:ec-cube:1.4.6
Ec-Cube » Ec-Cube » Version: 1.4.7

cpe:2.3:a:ec-cube:ec-cube:1.4.7
Ec-Cube » Ec-Cube » Version: 1.5.0

cpe:2.3:a:ec-cube:ec-cube:1.5.0
Ec-Cube » Ec-Cube » Version: 2.0.0

cpe:2.3:a:ec-cube:ec-cube:2.0.0
Ec-Cube » Ec-Cube » Version: 2.0.1

cpe:2.3:a:ec-cube:ec-cube:2.0.1
Ec-Cube » Ec-Cube » Version: 2.1.0

cpe:2.3:a:ec-cube:ec-cube:2.1.0
Ec-Cube » Ec-Cube » Version: 2.1.2

cpe:2.3:a:ec-cube:ec-cube:2.1.2
Ec-Cube » Ec-Cube » Version: 2.2.0

cpe:2.3:a:ec-cube:ec-cube:2.2.0
Ec-Cube » Ec-Cube » Version: 2.3.0

cpe:2.3:a:ec-cube:ec-cube:2.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-4991

Products

Pricing

Contact Us