Sensitive Information Disclosure in CubeCart 2.0.1 via Invalid cat_id Parameter

Sensitive Information Disclosure in CubeCart 2.0.1 via Invalid cat_id Parameter

CVE-2004-1579 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

index.php in CubeCart 2.0.1 allows remote attackers to gain sensitive information via an HTTP request with an invalid cat_id parameter, which reveals the full path in a PHP error message.

Learn more about our Web Application Penetration Testing UK.