Remote PHP Code Injection Vulnerability in LOCKON EC-CUBE 2.11.2 through 2.12.4

Remote PHP Code Injection Vulnerability in LOCKON EC-CUBE 2.11.2 through 2.12.4

CVE-2013-3651 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

LOCKON EC-CUBE 2.11.2 through 2.12.4 allows remote attackers to conduct unspecified PHP code-injection attacks via a crafted string, related to data/class/SC_CheckError.php and data/class/SC_FormParam.php.

Learn more about our Web Application Penetration Testing UK.