2 matches found
CVE-2013-3651
LOCKON EC-CUBE 2.11.2 through 2.12.4 allows remote attackers to conduct unspecified PHP code-injection attacks via a crafted string, related to data/class/SCCheckError.php and data/class/SCFormParam.php...
CVE-2013-3651
EC-CUBE vulnerability CVE-2013-3651 affects EC-CUBE versions 2.11.2–2.12.4. A crafted string can trigger remote PHP code execution via in-scope code paths in data/class/SC_CheckError.php and data/class/SC_FormParam.php, allowing arbitrary code execution with the application’s privileges on the se...