Information disclosure in Opensolution Quick.cart

CVE-2012-6049

Open Solution Quick.Cart 5.0 allows remote attackers to obtain sensitive information via (1) a long string or (2) invalid characters in a cookie, which reveals the installation path in an error message.

Vulnerability class: Information Disclosure

EPSS: 0.014 (68.1th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References