Directory Traversal Flaw in EC-CUBE by EC-CUBE Co.
CVE-2020-5590
8.1HIGH
What is CVE-2020-5590?
A directory traversal vulnerability exists in EC-CUBE versions 3.0.0 through 3.0.18 and 4.0.0 through 4.0.3. This flaw allows remote authenticated attackers to access and delete arbitrary files and directories on the server, potentially leading to significant data loss. The exploitation occurs through unspecified vectors that abuse improper file handling. It's critical for users to patch their installations and ensure security measures are in place to mitigate these risks.
Affected Version(s)
EC-CUBE 3.0.0 to 3.0.18 and 4.0.0 to 4.0.3