CVE-2021-20778
packagist/ec-cube/ec-cube
Improper Access Control
Improper access control vulnerability in EC-CUBE (EC-CUBE 4 series) allows a remote attacker to bypass access restriction and obtain sensitive information via unspecified vectors.
Version 4.0.6
Upgrade to version 4.0.6-p1 or above.
2021-07-12
source |