CVE-2013-5995

Published: Nov 21, 2013Modified: Apr 29, 2026

5.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:N

Exploitability: 8.0 / Impact: 4.9

Source: NVD

Description

data/class/helper/SC_Helper_Address.php in the front-features implementation in LOCKON EC-CUBE 2.12.3 through 2.13.0 allows remote authenticated users to obtain sensitive information via unspecified vectors related to addresses.

Affected (10)

Products: Lockon: Ec Cube

1 product

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Lockon Ec Cube	Version 2.12.3
Lockon Ec Cube	Version 2.12.3en
Lockon Ec Cube	Version 2.12.3enp1
Lockon Ec Cube	Version 2.12.3enp2
Lockon Ec Cube	Version 2.12.4en
Lockon Ec Cube	Version 2.12.5
Lockon Ec Cube	Version 2.12.5en
Lockon Ec Cube	Version 2.12.6
Lockon Ec Cube	Version 2.12.6en
Lockon Ec Cube	Version 2.13.0

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (8)

http://jvn.jp/en/jp/JVN55630933/index.html

Source: vultures@jpcert.or.jp

http://jvndb.jvn.jp/jvndb/JVNDB-2013-000106

Source: vultures@jpcert.or.jp

http://svn.ec-cube.net/open_trac/changeset/23274

Source: vultures@jpcert.or.jp

ExploitPatch

http://www.ec-cube.net/info/weakness/weakness.php?id=51

Source: vultures@jpcert.or.jp

ExploitPatch

http://jvn.jp/en/jp/JVN55630933/index.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://jvndb.jvn.jp/jvndb/JVNDB-2013-000106

Source: af854a3a-2127-422b-91ae-364da2661108

http://svn.ec-cube.net/open_trac/changeset/23274

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://www.ec-cube.net/info/weakness/weakness.php?id=51

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

Timeline

No history available yet.