Directory traversal vulnerability in CubeCart versions prior to 6.1.4 allows remote authenticated attackers to read arbitrary files via unspecified vectors.
References
Link Resource
http://jvn.jp/en/jp/JVN81618356/index.html Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/95866 Third Party Advisory VDB Entry
https://forums.cubecart.com/topic/52088-cubecart-614-released/ Patch Release Notes
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: jpcert

Published: 2017-04-28T16:00:00

Updated: 2017-05-01T09:57:02

Reserved: 2016-12-01T00:00:00


Link: CVE-2017-2098

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2017-04-28T16:59:00.637

Modified: 2017-05-05T12:47:10.093


Link: CVE-2017-2098

JSON object: View

cve-icon Redhat Information

No data.

CWE