Design/Logic Flaw

2009-02-2523:30:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

87.9%

JSON

RakhiSoftware Price Comparison Script (aka Shopping Cart) allows remote attackers to obtain sensitive information via an invalid PHPSESSID cookie, which reveals the installation path in an error message.

References

osvdb.org/50325

packetstormsecurity.com/0811-exploits/rakhi-sqlxssfpd.txt

secunia.com/advisories/32950

www.securityfocus.com/bid/32563