Information Disclosure Vulnerability in OpenCart by OpenCart
CVE-2011-3763

Currently unrated

Key Information:

Vendor: Opencart
Status: Opencart
Vendor: CVE Published:; 24 September 2011

What is CVE-2011-3763?

The OpenCart version 1.4.9.3 vulnerability exposes sensitive information to remote attackers when they make direct requests to certain PHP files. This security flaw can lead to the unintentional disclosure of the installation path, specifically through error messages generated by files such as system/startup.php and potentially others. By exploiting this vulnerability, attackers may gain insights into the server structure, which can facilitate further attacks on the system.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/70609

vdb-entryx_refsource_XF

http://www.openwall.com/lists/oss-security/2011/06/27/6

mailing-listx_refsource_MLIST

http://code.google.com/p/inspathx/source/browse/trunk/pat...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 24, 2011
Vulnerability Reserved
Sep 23, 2011

Opencart

What is CVE-2011-3763?

References

Timeline