Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CubeCart 2.0.0 through 2.0.5 allows remote attackers to determine the full path of the server via direct calls without parameters to (1) information.php, (2) language.php, (3) list_docs.php, (4) popular_prod.php, (5) sale.php, (6) subfooter.inc.php, (7) subheader.inc.php, (8) cat_navi.php, or (9) check_sum.php, which reveals the path in a PHP error message.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CubeCart信息泄露漏洞
Vulnerability Description
CubeCart 2.0.0至2.0.5允许远程攻击者通过不包括(1)information.php,(2)language.php,(3)list_docs.php,(4)popular_prod.php,(5)sale.php,(6)subfooter.inc.php,(7)subheader.inc.php,(8)cat_navi.php或(9)check_sum.php中参数的直接调用来决定服务器的完整路径,从而在PHP出错信息中透露路径。
CVSS Information
N/A
Vulnerability Type
N/A