2009-12-14 23:00:00
mitre
PUBLISHED
extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.