Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3757


Vulnerability Score 5.0 5.0
CVE Id CVE-2006-3757
Last Modified 05 Sep 2008 05:07:59
Published 21 Jul 2006 10:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



index.php in Zen Cart allows remote attackers to obtain sensitive information via empty (1) _GET[], (2) _SESSION[], (3) _POST[], (4) _COOKIE[], or (5) _SESSION[] array parameters, which reveals the installation path in an error message. NOTE: this issue might be resultant from a global overwrite vulnerability.

Vulnerable Systems


  • Zen Cart


BUGTRAQ - 20060630 Zen-Cart Full Path Disclosure

SREASON - 1253

Last Updated: 27 May 2016 10:43:06