Arbitrary Image File Read Vulnerability in LOCKON EC-CUBE 2.12.0 through 2.12.4
CVE-2013-3654 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through 2.12.4 allows remote attackers to read arbitrary image files via vectors related to data/class/SC_CheckError.php and data/class/SC_FormParam.php, a different vulnerability than CVE-2013-3650.
Learn more about our Web Application Penetration Testing UK.