Vulnerability Details CVE-2008-6279
RakhiSoftware Price Comparison Script (aka Shopping Cart) allows remote attackers to obtain sensitive information via an invalid PHPSESSID cookie, which reveals the installation path in an error message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.027
EPSS Ranking 85.2%
CVSS Severity
CVSS v2 Score 7.8
References
- http://osvdb.org/50325
- http://packetstormsecurity.com/0811-exploits/rakhi-sqlxssfpd.txt
- http://secunia.com/advisories/32950
- http://www.securityfocus.com/bid/32563
- http://osvdb.org/50325
- http://packetstormsecurity.com/0811-exploits/rakhi-sqlxssfpd.txt
- http://secunia.com/advisories/32950
- http://www.securityfocus.com/bid/32563
Products affected by CVE-2008-6279
-
cpe:2.3:a:rakhisoftware:rakhisoftware_shopping_cart:-