cart.pl in Dansie shopping cart allows remote attackers to obtain the installation path via an invalid db parameter, which leaks the path in an error message.
References
Configurations
History
20 Nov 2024, 23:47
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securiteam.com/securitynews/6T00T008KG.html - | |
References | () http://www.securityfocus.com/bid/8860 - Exploit | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/13461 - |
Information
Published : 2003-12-31 05:00
Updated : 2024-11-20 23:47
NVD link : CVE-2003-1517
Mitre link : CVE-2003-1517
CVE.ORG link : CVE-2003-1517
JSON object : View
Products Affected
dansie
- shopping_cart
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor