Vulnerability Details CVE-2009-4322
extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.3%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/
- http://www.securityfocus.com/archive/1/508340/100/0/threaded
- http://www.zen-cart.com/forum/showthread.php?t=142784
- http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/
- http://www.securityfocus.com/archive/1/508340/100/0/threaded
- http://www.zen-cart.com/forum/showthread.php?t=142784
Products affected by CVE-2009-4322
-
cpe:2.3:a:zen-cart:zen_cart:-
-
cpe:2.3:a:zen-cart:zen_cart:1.1.0
-
cpe:2.3:a:zen-cart:zen_cart:1.1.3
-
cpe:2.3:a:zen-cart:zen_cart:1.2.0d
-
cpe:2.3:a:zen-cart:zen_cart:1.2.1
-
cpe:2.3:a:zen-cart:zen_cart:1.2.1d
-
cpe:2.3:a:zen-cart:zen_cart:1.2.2d
-
cpe:2.3:a:zen-cart:zen_cart:1.2.3d
-
cpe:2.3:a:zen-cart:zen_cart:1.2.4.1
-
cpe:2.3:a:zen-cart:zen_cart:1.2.4d
-
cpe:2.3:a:zen-cart:zen_cart:1.2.5d
-
cpe:2.3:a:zen-cart:zen_cart:1.2.6d
-
cpe:2.3:a:zen-cart:zen_cart:1.3
-
cpe:2.3:a:zen-cart:zen_cart:1.3.0.1
-
cpe:2.3:a:zen-cart:zen_cart:1.3.0.2
-
cpe:2.3:a:zen-cart:zen_cart:1.3.2
-
cpe:2.3:a:zen-cart:zen_cart:1.3.5
-
cpe:2.3:a:zen-cart:zen_cart:1.3.6
-
cpe:2.3:a:zen-cart:zen_cart:1.3.7
-
cpe:2.3:a:zen-cart:zen_cart:1.3.8
-
cpe:2.3:a:zen-cart:zen_cart:1.3.8a
-
cpe:2.3:a:zen-cart:zen_cart:1.3.9
-
cpe:2.3:a:zen-cart:zen_cart:1.3.9h
-
cpe:2.3:a:zen-cart:zen_cart:1.5
-
cpe:2.3:a:zen-cart:zen_cart:1.5.1
-
cpe:2.3:a:zen-cart:zen_cart:1.5.2
-
cpe:2.3:a:zen-cart:zen_cart:1.5.3
-
cpe:2.3:a:zen-cart:zen_cart:1.5.4
-
cpe:2.3:a:zen-cart:zen_cart:1.5.5
-
cpe:2.3:a:zen-cart:zen_cart:1.5.5a
-
cpe:2.3:a:zen-cart:zen_cart:1.5.5b
-
cpe:2.3:a:zen-cart:zen_cart:1.5.5c
-
cpe:2.3:a:zen-cart:zen_cart:1.5.5d
-
cpe:2.3:a:zen-cart:zen_cart:1.5.5e
-
cpe:2.3:a:zen-cart:zen_cart:1.5.5f
-
cpe:2.3:a:zen-cart:zen_cart:1.5.6
-
cpe:2.3:a:zen-cart:zen_cart:1.5.6a
-
cpe:2.3:a:zen-cart:zen_cart:1.5.6b
-
cpe:2.3:a:zen-cart:zen_cart:1.5.6c
-
cpe:2.3:a:zen-cart:zen_cart:1.5.6d
-
cpe:2.3:a:zen-cart:zen_cart:1.5.7
-
cpe:2.3:a:zen-cart:zen_cart:1.5.7a
-
cpe:2.3:a:zen-cart:zen_cart:1.5.7b
-
cpe:2.3:a:zen-cart:zen_cart:1.6.0
-
cpe:2.3:a:zen-cart:zen_cart:2008