CVE-2009-4322

Zen Cart - Exposure of Sensitive Information via Direct Request to extras/ipn_test_return.php

Title source: llm
STIX 2.1

Description

extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/508340/100/0/threaded

Scores

EPSS 0.0132
EPSS Percentile 67.4%

Details

CWE
CWE-200
Status published
Products (1)
zen-cart/zen_cart
Published Dec 14, 2009
Tracked Since Feb 18, 2026