2 matches found
CVE-2007-1128
CVE-2007-1128 affects shopkitplus. The issue is an information disclosure where requests to (1) events.php with curmonth[]=01 or (2) enc/stylecss.php with changetheme[]= reveal the installation path in error messages. The affected component is PHP-based endpoints; root cause is improper handling ...
CVE-2007-1128
shopkitplus allows remote attackers to obtain sensitive information via a request to 1 events.php with a curmonth=01 query string or 2 enc/stylecss.php with a changetheme= query string, which reveals the path in various error messages...