Information disclosure

2013-11-2104:40:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.1%

JSON

data/class/pages/mypage/LC_Page_Mypage_DeliveryAddr.php in LOCKON EC-CUBE 2.11.2 through 2.13.0 allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.

CPENameOperatorVersion
ec-cubeeq2.11.2
ec-cubeeq2.12.5-en
ec-cubeeq2.12.6
ec-cubeeq2.12.5
ec-cubeeq2.12.3
ec-cubeeq2.11.3
ec-cubeeq2.11.5
ec-cubeeq2.12.1
ec-cubeeq2.12.4-en
ec-cubeeq2.13.0

Name	Operator	Version
ec-cube	eq	2.11.2
ec-cube	eq	2.12.5-en
ec-cube	eq	2.12.6
ec-cube	eq	2.12.5
ec-cube	eq	2.12.3
ec-cube	eq	2.11.3
ec-cube	eq	2.11.5
ec-cube	eq	2.12.1
ec-cube	eq	2.12.4-en
ec-cube	eq	2.13.0