CVE-2008-4170

create_account.php in osCommerce 2.2 RC 2a allows remote attackers to obtain sensitive information via an invalid dob parameter, which reveals the installation path in an error message.
Configurations

Configuration 1

cpe:2.3:a:oscommerce:oscommerce:2.2:rc_2a:*:*:*:*:*:*

Information

Published : 2008-09-22 06:34

Updated : 2018-10-11 08:51


NVD link : CVE-2008-4170

Mitre link : CVE-2008-4170

Products Affected
No products.
CWE