header-logo
Suggest Exploit
vendor:
Shopping Cart
by:
SecurityFocus
2.6
CVSS
LOW
Path Disclosure
200
CWE
Product Name: Shopping Cart
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Dansie Shopping Cart Path Disclosure Vulnerability

Dansie Shopping Cart is reported to be prone to path disclosre issue in the 'db' parameter of 'cart.pl' that may lead to an attacker gaining sensitive information about the installation path of the system. Information gained by exploiting this attack may aid an attacker in launching further attacks against a vulnerable system.

Mitigation:

Ensure that the application does not disclose sensitive information in the URL.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8860/info

Dansie Shopping Cart is reported to be prone to path disclosre issue in the 'db' parameter of 'cart.pl' that may lead to an attacker gaining sensitive information about the installation path of the system.

Information gained by exploiting this attack may aid an attacker in launching further attacks against a vulnerable system.

http://www.example.com/cgi-bin/cart.pl?db='

Navigation

Suggest Exploit

Services By CQR