Back to search
CVE-2013-3654
Published: Jun 29, 2013
Modified: Sep 17, 2024
PUBLISHED
Description
Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through 2.12.4 allows remote attackers to read arbitrary image files via vectors related to data/class/SC_CheckError.php and data/class/SC_FormParam.php, a different vulnerability than CVE-2013-3650.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
JVNDB-2013-000065
third-party-advisory
x_refsource_JVNDB
http://www.ec-cube.net/info/weakness/20130626/index.php
x_refsource_CONFIRM
JVN#04161229
third-party-advisory
x_refsource_JVN
http://www.ec-cube.net/info/weakness/weakness.php?id=45
x_refsource_CONFIRM
http://svn.ec-cube.net/open_trac/changeset/22891
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now