Authorization Bypass in EC-CUBE and EC-Orange Platforms
CVE-2014-0808

Currently unrated

Key Information:

Vendor

Ec-cube Co.,ltd.

Status
Ec-cube
Ec-orange
Vendor
CVE Published:
22 January 2014

What is CVE-2014-0808?

An authorization bypass vulnerability exists in EC-CUBE versions 2.11.0 to 2.12.2 and EC-Orange systems released before June 29, 2015. Attackers can exploit this weakness by sending crafted HTTP requests, allowing them unauthorized access to sensitive user information stored on affected shopping platforms. This compromise can lead to the exposure of personal data, underscoring the importance of immediate security updates to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

EC-CUBE 2.11.0 through 2.12.2

EC-Orange systems deployed before June 29th

EC-Orange 2015

References

http://www.ec-cube.net/info/weakness/weakness.php?id=57
http://jvn.jp/en/jp/JVN51770585/
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000006

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.