3 matches found
CVE-2009-4322
extras/ipntestreturn.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message...
Design/Logic Flaw
The installation for Zen Cart stores sensitive information and insecure programs under the 1 docs, 2 extras, and 3 zcinstall folders, and 4 install.txt, which allows remote attackers to obtain sensitive information, delete the database, and conduct other attacks via a direct request, different...
CVE-2009-4322
CVE-2009-4322 (Zen Cart) : Zen Cart installations can disclose sensitive information via a direct request to extras/ipn_test_return.php, revealing the installation path in an error message. Connected documents describe broader exposure of sensitive data and insecure files under Zen Cart folders (...