exploitDog

CVE-2008-6279

Опубликовано: 25 фев. 2009

Источник: nvd

CVSS2: 7.8

EPSS Низкий

Описание

RakhiSoftware Price Comparison Script (aka Shopping Cart) allows remote attackers to obtain sensitive information via an invalid PHPSESSID cookie, which reveals the installation path in an error message.

Ссылки

http://osvdb.org/50325
http://packetstormsecurity.com/0811-exploits/rakhi-sqlxssfpd.txt
Exploit
http://secunia.com/advisories/32950
Vendor Advisory
http://www.securityfocus.com/bid/32563
Exploit
http://osvdb.org/50325
http://packetstormsecurity.com/0811-exploits/rakhi-sqlxssfpd.txt
Exploit
http://secunia.com/advisories/32950
Vendor Advisory
http://www.securityfocus.com/bid/32563
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:rakhisoftware:rakhisoftware_shopping_cart:-:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02691

Низкий

7.8 High

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-5hcv-fg7q-j46c

github

больше 3 лет назад

RakhiSoftware Price Comparison Script (aka Shopping Cart) allows remote attackers to obtain sensitive information via an invalid PHPSESSID cookie, which reveals the installation path in an error message.

EPSS

Процентиль: 86%

0.02691

Низкий

7.8 High

CVSS2

Дефекты

CWE-200