Description
extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Remediation
References
Related Vulnerabilities
WordPress Plugin Zita Elementor Site Library Arbitrary File Upload (1.6.1)
MySQL CVE-2014-6495 Vulnerability (CVE-2014-6495)
WordPress Plugin 3D Tag Cloud Cross-Site Request Forgery (3.8)
MediaWiki Incorrect Default Permissions Vulnerability (CVE-2017-0369)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3680)