CVE-2003-1517
Dansie shopping_cart - Path Disclosure via Invalid db Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2003-1517. PoCs published by Dr_Ponidi.
AI-analyzed exploit summary This exploit demonstrates a path disclosure vulnerability in Dansie Shopping Cart via the 'db' parameter in 'cart.pl'. By injecting a single quote, an attacker can trigger an error that reveals the installation path of the system.
Description
cart.pl in Dansie shopping cart allows remote attackers to obtain the installation path via an invalid db parameter, which leaks the path in an error message.
Exploits (1)
This exploit demonstrates a path disclosure vulnerability in Dansie Shopping Cart via the 'db' parameter in 'cart.pl'. By injecting a single quote, an attacker can trigger an error that reveals the installation path of the system.