CVE-2008-4170
The CVE-2008-4170 entry concerns osCommerce 2.2 RC 2a, where the create_account.php handler exposes sensitive information because an invalid dob parameter triggers an error message that reveals the installation path. This is an information-disclosure vulnerability in the input validation/error ha...