Vulnerabilities (CVE)

Filtered by vendor Ec-cube Subscribe
Filtered by product Delivery Slip Number
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-20735 1 Ec-cube 3 Delivery Slip Number, Delivery Slip Number Csv Bulk Registration, Delivery Slip Number Mail 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in ETUNA EC-CUBE plugins (Delivery slip number plugin (3.0 series) 1.0.10 and earlier, Delivery slip number csv bulk registration plugin (3.0 series) 1.0.8 and earlier, and Delivery slip number mail plugin (3.0 series) 1.0.8 and earlier) allows remote attackers to inject an arbitrary script by executing a specific operation on the management page of EC-CUBE.