5
CVSSv2

CVE-2011-3796

Published: 24/09/2011 Updated: 21/05/2012
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

PrestaShop 1.4.0.6 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by product-sort.php and certain other files.

Affected Products

Vendor Product Versions
PrestashopPrestashop1.4.0.6

Github Repositories

PrestaShop security vulnerability checker The library and the tool to check PrestaShop for vulnerabilities The tool home page and the support page: prestashopmodulezru The full description, how to use and the stable release for download are available there Report example PrestaShop security vulnerability checker (homepage: prestashopmodulezru/en/tools-scripts/70