CVE-2014-0807

Published: Jan 22, 2014Modified: Apr 29, 2026

6.4

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:P

Exploitability: 10.0 / Impact: 4.9

Source: NVD

Description

data/class/pages/shopping/LC_Page_Shopping_Deliv.php in LOCKON EC-CUBE 2.4.4 and earlier, and 2.11.0 through 2.12.2, allows remote attackers to modify data via unspecified vectors.

Affected (17)

Products: Lockon: Ec Cube

Lockon

1 product

Ec Cube

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Lockon Ec Cube	Up to 2.4.4
Lockon Ec Cube	Version 2.4.0
Lockon Ec Cube	Version 2.4.0 rc1
Lockon Ec Cube	Version 2.4.1
Lockon Ec Cube	Version 2.4.2
Lockon Ec Cube	Version 2.4.3

Configuration B

11 vulnerable

Vulnerable Software	Affected Versions
Lockon Ec Cube	Version 2.11.0
Lockon Ec Cube	Version 2.11.0 beta2
Lockon Ec Cube	Version 2.11.0 beta
Lockon Ec Cube	Version 2.11.1
Lockon Ec Cube	Version 2.11.2
Lockon Ec Cube	Version 2.11.3
Lockon Ec Cube	Version 2.11.4
Lockon Ec Cube	Version 2.11.5
Lockon Ec Cube	Version 2.12.0
Lockon Ec Cube	Version 2.12.1
Lockon Ec Cube	Version 2.12.2

References (6)

http://jvn.jp/en/jp/JVN17849447/index.html

Source: vultures@jpcert.or.jp

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000005

Source: vultures@jpcert.or.jp

http://www.ec-cube.net/info/weakness/weakness.php?id=56

Source: vultures@jpcert.or.jp

ExploitVendor Advisory

http://jvn.jp/en/jp/JVN17849447/index.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000005

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ec-cube.net/info/weakness/weakness.php?id=56

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

Timeline

No history available yet.