CVE-2006-7171

Koan Software Mega Mall - Information Disclosure via Empty x[] Parameter

Title source: llm
STIX 2.1

Description

product_review.php in Koan Software Mega Mall allows remote attackers to obtain the installation path via a request with an empty value of the x[] parameter.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30215
Third Party Advisory mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=116343783720459&w=2

Scores

EPSS 0.0106
EPSS Percentile 60.6%

Details

CWE
CWE-20
Status published
Products (1)
koan_software/mega_mall
Published Mar 20, 2007
Tracked Since Feb 18, 2026