eStore 1.0.1/1.0.2 Path Disclosure Vulnerability

ID EDB-ID:22925
Type exploitdb
Reporter Bosen
Modified 2003-07-17T00:00:00


eStore 1.0.1/1.0.2 Path Disclosure Vulnerability. CVE-2003-0586. Webapps exploit for php platform


eStore is prone to a path disclosure vulnerability.

It has been reported that a remote attacker may make a direct HTTP request for an eStore include script and in doing so trigger an error. The resulting error message will disclose potentially sensitive installation path information to the remote attacker.