CVE-2013-3654

Publication date

2013-06-29 19:00:00

Family

jpcert

State

PUBLISHED

Description

Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through 2.12.4 allows remote attackers to read arbitrary image files via vectors related to data/class/SC_CheckError.php and data/class/SC_FormParam.php, a different vulnerability than CVE-2013-3650.