[] NeoSense
E X P L O I T S
title author type platform port cve id

Dansie Shopping Cart - Server Error Message Installation Full Path Disclosure

Author: Dr_Ponidi
type: webapps
platform: cgi
port: 
date_added: 2003-10-20 
date_updated: 2012-12-09 
verified: 1 
codes: CVE-2003-1517;OSVDB-2686 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/8860/info

Dansie Shopping Cart is reported to be prone to path disclosre issue in the 'db' parameter of 'cart.pl' that may lead to an attacker gaining sensitive information about the installation path of the system.

Information gained by exploiting this attack may aid an attacker in launching further attacks against a vulnerable system.

http://www.example.com/cgi-bin/cart.pl?db='
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.