Vulnerability Description
RakhiSoftware Price Comparison Script (aka Shopping Cart) allows remote attackers to obtain sensitive information via an invalid PHPSESSID cookie, which reveals the installation path in an error message.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rakhisoftware | Rakhisoftware Shopping Cart | - |
Related Weaknesses (CWE)
References
- http://osvdb.org/50325
- http://packetstormsecurity.com/0811-exploits/rakhi-sqlxssfpd.txtExploit
- http://secunia.com/advisories/32950Vendor Advisory
- http://www.securityfocus.com/bid/32563Exploit
- http://osvdb.org/50325
- http://packetstormsecurity.com/0811-exploits/rakhi-sqlxssfpd.txtExploit
- http://secunia.com/advisories/32950Vendor Advisory
- http://www.securityfocus.com/bid/32563Exploit
FAQ
What is CVE-2008-6279?
CVE-2008-6279 is a vulnerability with a CVSS score of 7.8 (HIGH). RakhiSoftware Price Comparison Script (aka Shopping Cart) allows remote attackers to obtain sensitive information via an invalid PHPSESSID cookie, which reveals the installation path in an error messa...
How severe is CVE-2008-6279?
CVE-2008-6279 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6279?
Check the references section above for vendor advisories and patch information. Affected products include: Rakhisoftware Rakhisoftware Shopping Cart.