Security Advisory

CVE-2013-3654

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-06-29 19:00:00

Last updated 2024-09-17 03:54:12

Assigner jpcert

State PUBLISHED

Description

Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through 2.12.4 allows remote attackers to read arbitrary image files via vectors related to data/class/SC_CheckError.php and data/class/SC_FormParam.php, a different vulnerability than CVE-2013-3650.

← Browse all CVEs View on cve.org ↗