VYPR
Low severityNVD Advisory· Published Sep 27, 2022· Updated May 21, 2025

CVE-2022-40199

CVE-2022-40199

Description

Directory traversal vulnerability in EC-CUBE 3 series (EC-CUBE 3.0.0 to 3.0.18-p4 ) and EC-CUBE 4 series (EC-CUBE 4.0.0 to 4.1.2) allows a remote authenticated attacker with an administrative privilege to obtain the product's directory structure information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
ec-cube/ec-cubePackagist
>= 3.0.0, <= 3.0.18-p4
ec-cube/ec-cubePackagist
>= 4.0.0, <= 4.1.2

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.