C-Cart 1.0 Path Disclosure Vulnerability

2003-08-08T00:00:00
ID EDB-ID:22995
Type exploitdb
Reporter G00db0y
Modified 2003-08-08T00:00:00

Description

C-Cart 1.0 Path Disclosure Vulnerability. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/8368/info

C-Cart is prone to a path disclosure vulnerability. Passing invalid data as a URI parameter to several C-Cart scripts will cause an error message to be displayed, which contains installation path information.

http://www.example.com/shop/search.php?q='
http://www.example.com/shop/show.php?q='