geeeekShop 1.4 Information Disclosure Vulnerabilities

2003-08-09T00:00:00
ID EDB-ID:23000
Type exploitdb
Reporter G00db0y
Modified 2003-08-09T00:00:00

Description

geeeekShop 1.4 Information Disclosure Vulnerabilities. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/8380/info

geeeekShop is prone to multiple information disclosure vulnerabilities. Passing invalid data as URI parameters to geeeekShop scripts, will cause an error message to be displayed, which contains installation path information. Additionally it has been reported that a remote attacker may access site configuration scripts, which may lead to the disclosure of potentially sensitive information.

http://www.example.com/shop/?category=xxxxxx&parent=0&page=x&/'
http://www.example.com/shop/php_files/site.config.php