Description

extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.

Remediation

References

CVE-2009-4322

Related Vulnerabilities

WordPress Plugin CBI Referral Manager Cross-Site Scripting (1.2.1)

phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23192)

WordPress Plugin IP Geo Block Security Bypass (2.2.2)

MediaWiki CVE-2023-36674 Vulnerability (CVE-2023-36674)

Oracle Database Server CVE-2019-2956 Vulnerability (CVE-2019-2956)

Severity

Medium

Classification

CVE-2009-4322 CWE-200

Tags

Missing Update Known Vulnerabilities