header-logo
Suggest Exploit
vendor:
C-Cart
by:
SecurityFocus
2.1
CVSS
LOW
Path Disclosure
200
CWE
Product Name: C-Cart
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: a:c-cart:c-cart
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

C-Cart Path Disclosure Vulnerability

C-Cart is prone to a path disclosure vulnerability. Passing invalid data as a URI parameter to several C-Cart scripts will cause an error message to be displayed, which contains installation path information.

Mitigation:

Ensure that the application is configured to not display detailed error messages.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8368/info

C-Cart is prone to a path disclosure vulnerability. Passing invalid data as a URI parameter to several C-Cart scripts will cause an error message to be displayed, which contains installation path information.

http://www.example.com/shop/search.php?q='
http://www.example.com/shop/show.php?q='