4 matches found
CVE-2013-3650
Directory traversal vulnerability in the lfCheckFileName function in data/class/pages/LCPageResizeImage.php in LOCKON EC-CUBE before 2.12.5 allows remote attackers to read arbitrary image files via vectors involving the image parameter to resizeimage.php, a different vulnerability than...
Directory traversal
Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through 2.12.4 allows remote attackers to read arbitrary image files via vectors related to data/class/SCCheckError.php and data/class/SCFormParam.php, a different vulnerability than CVE-2013-3650...
CVE-2013-3650
CVE-2013-3650 is a directory traversal vulnerability in LOCKON EC-CUBE, affecting versions before 2.12.5. The flaw resides in the lfCheckFileName function used by resize_image.php, allowing remote attackers to read arbitrary image files via the image parameter. This is tied to EC-CUBE’s data/clas...
CVE-2013-3650
Directory traversal vulnerability in the lfCheckFileName function in data/class/pages/LCPageResizeImage.php in LOCKON EC-CUBE before 2.12.5 allows remote attackers to read arbitrary image files via vectors involving the image parameter to resizeimage.php, a different vulnerability than...