SendCard 3.3.0 allows remote attackers to obtain sensitive information via an invalid sc_language parameter to sendcard.php, which reveals the path in an error message.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sendcard | Sendcard | 3.3.0 (including) | 3.3.0 (including) |