PrestaShop 1.3.6 Path Disclosure

2011-03-03T00:00:00
ID PACKETSTORM:98886
Type packetstorm
Reporter High-Tech Bridge SA
Modified 2011-03-03T00:00:00

Description

                                        
`Vulnerability ID: HTB22837  
Reference: http://www.htbridge.ch/advisory/path_disclosure_in_prestashop.html  
Product: PrestaShop  
Vendor: PrestaShop ( http://www.prestashop.com/ )   
Vulnerable Version: PrestaShop 1.3.6 final  
Vendor Notification: 17 February 2011   
Vulnerability Type: Path disclosure  
Risk level: Low   
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)   
  
Vulnerability Details:  
The vulnerability exists due to a failure in the "pagination.php", "product-sort.php" and "modules/hipay/mapi/mapi_tax.php" scripts: it is possible to generate an error that will reveal the full path of the script.  
A remote user can determine the full path to the web root directory and other potentially sensitive information.  
  
The following PoC is available:  
  
http://host/pagination.php  
http://host/product-sort.php  
http://host/modules/hipay/mapi/mapi_tax.php  
  
  
`
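
A check for the condition described above, as an added example that is not part of the original advisory: it scans HTTP response bodies already collected from your own installation for PHP error messages that contain an absolute file path. The sample bodies, the error text and the /var/www/shop path are constructed, and the function names are hypothetical.

```python
import html
import re

# PHP prints errors as "<Level>: <message> in <file> on line <N>"; with
# html_errors enabled the level, file and line number are wrapped in <b> tags.
PHP_ERROR = re.compile(
    r"(?P<level>Fatal error|Parse error|Warning|Notice|Deprecated)\s*:\s+"
    r"(?P<message>[^\n]*?)\s+in\s+"
    r"(?P<file>(?:/|[A-Za-z]:[\\/])[^\n]*?)\s+on line\s+(?P<line>\d+)"
)
TAG = re.compile(r"<[^>]+>")


def find_path_disclosures(body):
    """Return one dict per PHP error message in an HTTP response body."""
    text = html.unescape(TAG.sub("", body))
    return [
        {"level": m["level"], "file": m["file"], "line": int(m["line"])}
        for m in PHP_ERROR.finditer(text)
    ]


def audit(responses):
    """Map each script to the filesystem paths its response body discloses."""
    report = {}
    for script, body in responses.items():
        paths = sorted({f["file"] for f in find_path_disclosures(body)})
        if paths:
            report[script] = paths
    return report


# Constructed sample bodies (error text and /var/www/shop are invented):
# HTML-formatted error, plain-text error, and a host with display_errors off.
SAMPLE_RESPONSES = {
    "pagination.php": (
        "<br />\n<b>Fatal error</b>:  Call to a member function assign() on a "
        "non-object in <b>/var/www/shop/pagination.php</b> on line <b>42</b><br />\n"
    ),
    "product-sort.php": (
        "Notice: Undefined variable: smarty in "
        "/var/www/shop/product-sort.php on line 30\n"
    ),
    "modules/hipay/mapi/mapi_tax.php": "",
}

if __name__ == "__main__":
    for script, paths in audit(SAMPLE_RESPONSES).items():
        print(f"{script}: discloses {', '.join(paths)}")
```

An empty report for all three scripts is the expected result once PHP's display_errors is off and errors are written to the server log instead of the response.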