CVE-2007-1128

Published: Feb 27, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

shopkitplus allows remote attackers to obtain sensitive information via a request to (1) events.php with a curmonth[]=01 query string or (2) enc/stylecss.php with a changetheme[]= query string, which reveals the path in various error messages.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20070223 shopkitplus local file include

mailing-list

x_refsource_BUGTRAQ

33757

vdb-entry

x_refsource_OSVDB

2295

third-party-advisory

x_refsource_SREASON

33756

vdb-entry

x_refsource_OSVDB

shopkitplus-events-stylecss-info-disclosure(32661)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-1128

Description

Affected Products

References