RSS   Vulnerabilities for 'Ec-cube ver2'   RSS

2009-12-08
 
CVE-2009-4236

CWE-200
 

 
The process function in data/class/pages/admin/customer/LC_Page_Admin_Customer_SearchCustomer.php in EC-CUBE Ver2 2.4.0 RC1 through 2.4.1, and Community Edition r18068 through r18428, allows remote attackers to obtain sensitive information (customer data) via unknown vectors related to sessions.

 

 >>> Vendor: Ec-cube 6 Products
Ec-cube
Ec-cube ver2
Coupon plugin
Ec-cube payment module
Amazon pay
E-mail newsletter management


Copyright 2024, cxsecurity.com

 

Back to Top