CVE-2006-6941

index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to obtain sensitive information via an invalid action parameter in an info operation, which discloses the path in an error message.

Published: Jan 19, 2007
Updated: Apr 13, 2023
CVE: CVE-2006-6941
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
freewebshop / freewebshop	-	2.2.2.x

http://www.freewebshop.org/?id=27
https://www.exploit-db.com/exploits/2704

Vulnerability Database

291,049

CVE-2006-6941