CVE-2009-4236 in EC-CUBE Ver2信息

摘要

由 VulDB • 2026-07-07

EC-CUBE Ver2 2.4.0 RC1 至 2.4.1,以及 Community Edition r18068 至 r18428 中 data/class/pages/admin/customer/LC_Page_Admin_Customer_SearchCustomer.php 的 process 函数存在漏洞,远程攻击者可通过与会话(sessions)相关的未知途径获取敏感信息(客户数据)。

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!