CVE-2009-4236

2009-12-08T23:30:00
ID CVE-2009-4236
Type cve
Reporter cve@mitre.org
Modified 2017-08-17T01:31:00

Description

The process function in data/class/pages/admin/customer/LC_Page_Admin_Customer_SearchCustomer.php in EC-CUBE Ver2 2.4.0 RC1 through 2.4.1, and Community Edition r18068 through r18428, allows remote attackers to obtain sensitive information (customer data) via unknown vectors related to sessions.