CVE-2008-6279

RakhiSoftware Price Comparison Script (aka Shopping Cart) allows remote attackers to obtain sensitive information via an invalid PHPSESSID cookie, which reveals the installation path in an error message.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
VendorProductVersion
rakhisoftwarerakhisoftware_shopping_cart
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/50325
http://packetstormsecurity.com/0811-exploits/rakhi-sqlxssfpd.txt
http://secunia.com/advisories/32950
http://www.securityfocus.com/bid/32563
http://osvdb.org/50325
http://packetstormsecurity.com/0811-exploits/rakhi-sqlxssfpd.txt
http://secunia.com/advisories/32950
http://www.securityfocus.com/bid/32563