NetCat 5.01 and previous versions allows remote malicious users to obtain the installation path via the redirect_url parameter to netshop/post.php.
netcat netcat