2007-10-25 19:00:00
mitre
PUBLISHED
cart.pl in Dansie shopping cart allows remote attackers to obtain the installation path via an invalid db parameter, which leaks the path in an error message.