Information from EC-CUBE CO.,LTD.

Vulnerability ID:JVN#48324254
Title:EC-CUBE 4 Series improper input validation when installing plugins
Status:Vulnerable

This is a statement from the vendor itself with no modification by JPCERT/CC.