CVE-2006-7171
Koan Software Mega Mall - Information Disclosure via Empty x[] Parameter
Title source: llmDescription
product_review.php in Koan Software Mega Mall allows remote attackers to obtain the installation path via a request with an empty value of the x[] parameter.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30215
Third Party Advisory mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=116343783720459&w=2
Scores
EPSS
0.0106
EPSS Percentile
60.6%
Details
CWE
CWE-20
Status
published
Products (1)
koan_software/mega_mall
Published
Mar 20, 2007
Tracked Since
Feb 18, 2026