Description
create_account.php in osCommerce 2.2 RC 2a allows remote attackers to obtain sensitive information via an invalid dob parameter, which reveals the installation path in an error message.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2008-4153 | create_account.php in osCommerce 2.2 RC 2a allows remote attackers to obtain sensitive information via an invalid dob parameter, which reveals the installation path in an error message. |
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-07T10:08:34.938Z
Reserved: 2008-09-22T00:00:00.000Z
Link: CVE-2008-4170
No data.
Status : Modified
Published: 2008-09-22T18:34:16.797
Modified: 2026-06-16T22:57:18.503
Link: CVE-2008-4170
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
EUVD