Description

extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.

Remediation

References

CVE-2009-4322

Related Vulnerabilities

Drupal Core 9.2.x Cross-Site Request Forgery (9.2.0 - 9.2.5)

Oracle Database Server CVE-2019-2753 Vulnerability (CVE-2019-2753)

WordPress Other Vulnerability (CVE-2007-3238)

Internet Information Services Other Vulnerability (CVE-1999-0278)

WordPress Plugin Media from FTP Cross-Site Scripting (9.89)

Severity

Medium

Classification

CVE-2009-4322 CWE-200

Tags

Missing Update Known Vulnerabilities