Information disclosure in Zen-cart Zen_cart

CVE-2009-4322

extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.

Vulnerability class: Information Disclosure

EPSS: 0.013 (67.0th percentile) — read the EPSS interpretation.

Affected products

Zen-cart Zen_cart
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)