Published: 2022/09/15  Last Updated: 2022/09/15

Information from EC-CUBE CO.,LTD.

Vulnerability ID:JVN#30900552
Title:EC-CUBE plugin "Product Image Bulk Upload Plugin" vulnerable to insufficient verification in uploading files

This is a statement from the vendor itself with no modification by JPCERT/CC.

The details of the vulnerability and how to fix it are described below.