CVE-2005-0607
CubeCart 2.0.0–2.0.5 allows remote attackers to determine the server’s full path by calling certain PHP files without parameters (information.php, language.php, list_docs.php, popular_prod.php, sale.php, subfooter.inc.php, subheader.inc.php, cat_navi.php, check_sum.php). The flaw exposes the serv...