A vulnerability, which was classified as critical, was found in EC-CUBE. Affected is an unknown function of the component PHP Package Handler. The manipulation leads to improper access controls.

This vulnerability is traded as CVE-2024-41924. The attack needs to be approached within the local network. There is no exploit available.