High severity7.2NVD Advisory· Published Sep 7, 2018· Updated Jun 17, 2026
CVE-2018-0658
CVE-2018-0658
Description
Input validation issue in EC-CUBE Payment Module (2.12) version 3.5.23 and earlier, EC-CUBE Payment Module (2.11) version 2.3.17 and earlier, GMO-PG Payment Module (PG Multi-Payment Service) (2.12) version 3.5.23 and earlier, GMO-PG Payment Module (PG Multi-Payment Service) (2.11) version 2.3.17 and earlier allows an attacker with administrative rights to execute arbitrary PHP code on the server via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <=3.5.23
- Range: <=3.5.23
- Gmo Payment Gateway, Inc./Ec Cube Payment Module And Gmo Pg Payment Module (pg Multi Payment Service) For Ec Cubev5Range: (EC-CUBE Payment Module (2.12) version 3.5.23 and earlier, EC-CUBE Payment Module (2.11) version 2.3.17 and earlier, GMO-PG Payment Module (PG Multi-Payment Service) (2.12) version 3.5.23 and earlier, and GMO-PG Payment Module (PG Multi-Payment Service) (2.11) version 2.3.17 and earlier)
Patches
Vulnerability mechanics
References
1- jvn.jp/en/jp/JVN06372244/index.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.