High severityNVD Advisory· Published Jun 19, 2020· Updated Aug 4, 2024
CVE-2020-5590
CVE-2020-5590
Description
Directory traversal vulnerability in EC-CUBE 3.0.0 to 3.0.18 and 4.0.0 to 4.0.3 allows remote authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ec-cube/ec-cubePackagist | >= 3.0.0, <= 3.0.18 | — |
ec-cube/ec-cubePackagist | >= 4.0.0, < 4.0.4 | 4.0.4 |
Affected products
2- Range: 3.0.0 to 3.0.18 and 4.0.0 to 4.0.3
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-hx79-x87c-hgm3ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-5590ghsaADVISORY
- jvn.jp/en/jp/JVN77458946/index.htmlghsax_refsource_MISCWEB
- www.ec-cube.net/info/weakness/weakness.phpghsax_refsource_MISCWEB
- www.ec-cube.net/info/weakness/weakness.phpghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.