CVE-2024-41924 | EC-CUBE PHP Package access control

Posted by Angelo Barbosa | Jul 30, 2024 | CVE

A vulnerability, which was classified as critical, was found in EC-CUBE. Affected is an unknown function of the component PHP Package Handler. The manipulation leads to improper access controls.

This vulnerability is traded as CVE-2024-41924. The attack needs to be approached within the local network. There is no exploit available.

CVE-2024-41924 | EC-CUBE PHP Package access control

Related Posts

CVE-2024-34345 | cyclonedx cyclonedx-library prior 6.7.1 xml external entity reference

CVE-2024-23828 | 0xJacky nginx-ui up to 2.0.0.beta.11 test_config_cmd/start_cmd crlf injection (GHSA-qcjq-7f7v-pvc8)

CVE-2023-46351 | MyPresta.eu Module Mib up to 1.6.0 on PrestaShop getManufacturersByCategory sql injection

CVE-2023-6976 | mlflow prior 2.9.2 Remote Filesystem unrestricted upload