[] NeoSense
E X P L O I T S
title author type platform port cve id

eStore 1.0.1/1.0.2 - 'Settings.inc.php' Full Path Disclosure

Author: Bosen
type: webapps
platform: php
port: 
date_added: 2003-07-17 
date_updated: 2012-11-26 
verified: 1 
codes: CVE-2003-0586;OSVDB-11456 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/8220/info

eStore is prone to a path disclosure vulnerability.

It has been reported that a remote attacker may make a direct HTTP request for an eStore include script and in doing so trigger an error. The resulting error message will disclose potentially sensitive installation path information to the remote attacker.

http://www.example.com/admin/settings.inc.php
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.