CVE-2013-3654 - CERT CVE
ID CVE-2013-3654
Sažetak Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through 2.12.4 allows remote attackers to read arbitrary image files via vectors related to data/class/SC_CheckError.php and data/class/SC_FormParam.php, a different vulnerability than CVE-2013-3650.
Reference
CVSS
Base: 5.0
Impact: 2.9
Exploitability:10.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL NONE NONE
CVSS vektor AV:N/AC:L/Au:N/C:P/I:N/A:N
Zadnje važnije ažuriranje 11-10-2013 - 16:50
Objavljeno 30-06-2013 - 19:28