Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
index.php in Zen Cart 1.3.0.2 allows remote attackers to obtain sensitive information via empty (1) _GET[], (2) _SESSION[], (3) _POST[], (4) _COOKIE[], or (5) _SESSION[] array parameters, which reveals the installation path in an error message. NOTE: this issue might be resultant from a global overwrite vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zen Cart 'index.php' 敏感信息泄露漏洞
Vulnerability Description
Zen Cart 1.3.0.2中的index.php可以使远程攻击者借助空的 (1) _GET[], (2) _SESSION[], (3) _POST[], (4) _COOKIE[],或(5) _SESSION[]数组参数,在错误讯息中显示安装路径,从而获得敏感信息。注:此问题可能由全局重写漏洞所致。
CVSS Information
N/A
Vulnerability Type
N/A