Information disclosure in Opensolution Quick.cart
CVE-2012-6049
Open Solution Quick.Cart 5.0 allows remote attackers to obtain sensitive information via (1) a long string or (2) invalid characters in a cookie, which reveals the installation path in an error message.
Vulnerability class: Information Disclosure
EPSS: 0.014 (68.1th percentile) — read the EPSS interpretation.
Affected products
- Opensolution Quick.cart — versions 5.0
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_MISC)