Published:
2020/06/18
Last Updated:
2020/06/18
Information from EC-CUBE CO.,LTD.
Vulnerability ID:JVN#77458946
Title:EC-CUBE vulnerable to directory traversal
Status:Vulnerable
This is a statement from the vendor itself with no modification by JPCERT/CC.
The details of the vulnerability and how to fix it are described below.
EC-CUBE ver 3
https://www.ec-cube.net/info/weakness/weakness.php?id=73
EC-CUBE ver 4
https://www.ec-cube.net/info/weakness/weakness.php?id=74
