Описание
EC-CUBE Directory traversal vulnerability
Directory traversal vulnerability in EC-CUBE 3.0.0 to 3.0.18 and 4.0.0 to 4.0.3 allows remote authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors.
Пакеты
Наименование
ec-cube/ec-cube
composer
Затронутые версииВерсия исправления
>= 3.0.0, <= 3.0.18
Отсутствует
Наименование
ec-cube/ec-cube
composer
Затронутые версииВерсия исправления
>= 4.0.0, <= 4.0.3
4.0.4
Связанные уязвимости
CVSS3: 8.1
nvd
больше 5 лет назад
Directory traversal vulnerability in EC-CUBE 3.0.0 to 3.0.18 and 4.0.0 to 4.0.3 allows remote authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors.