Unrated severityNVD Advisory· Published Oct 27, 2015· Updated May 6, 2026
CVE-2015-5665
CVE-2015-5665
Description
Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 2.11.0 through 2.13.3 allows remote attackers to hijack the authentication of arbitrary users for requests that write to PHP scripts, related to the doValidToken function.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- jvn.jp/en/jp/JVN97278546/index.htmlnvdVendor Advisory
- jvndb.jvn.jp/jvndb/JVNDB-2015-000166nvdVendor Advisory
- www.ec-cube.net/info/weakness/weakness.phpnvdVendor Advisory
- www.ec-cube.net/info/weakness/201510_01/nvdVendor Advisory
News mentions
0No linked articles in our index yet.