5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.012 Low
EPSS
Percentile
85.0%
EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a directory traversal vulnerability when used in Windows.
A remote attacker may obtain arbitrary files on the server.
Apply the update or patch
Apply the update or patch according to the information provided by the developer.
Versions listed below are vulnerable when used in Windows.