Lucene search

K

MitreCVELIST:CVE-2009-4236

HistoryDec 08, 2009 - 11:00 p.m.

CVE-2009-4236

2009-12-0823:00:00

mitre

www.cve.org

5

AI Score

6.1

Confidence

Low

EPSS

0.007

Percentile

80.4%

The process function in data/class/pages/admin/customer/LC_Page_Admin_Customer_SearchCustomer.php in EC-CUBE Ver2 2.4.0 RC1 through 2.4.1, and Community Edition r18068 through r18428, allows remote attackers to obtain sensitive information (customer data) via unknown vectors related to sessions.

References

jvn.jp/en/jp/JVN79762947/index.html

jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000078.html

osvdb.org/60685

secunia.com/advisories/37603

www.ec-cube.net/info/091127/

www.ipa.go.jp/security/vuln/documents/2009/200912_ec-cube.html

www.vupen.com/english/advisories/2009/3421

exchange.xforce.ibmcloud.com/vulnerabilities/54573

AI Score

6.1

Confidence

Low

EPSS

0.007

Percentile

80.4%

Related for CVELIST:CVE-2009-4236

nvd1 cve1 jvn1 prion1