PT-2004-2487 · Cubecart · Cubecart
Pedro Sanches · Published 2004-12-31 · Updated 2017-07-11 · CVE-2004-1579
CVSS v2.0: 5.0 (Medium)
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
CubeCart version 2.0.1
Description
The issue allows remote attackers to gain sensitive information via an HTTP request with an invalid cat_id parameter, which reveals the full path in a PHP error message.
Recommendations
For CubeCart version 2.0.1, consider validating and sanitizing the cat_id parameter to prevent the disclosure of sensitive information. As a temporary workaround, restrict access to the index.php file until a patch is available.
Fix
Related identifiers
Affected products
Cubecart