RakhiSoftware Price Comparison Script (aka Shopping Cart) allows remote attackers to obtain sensitive information via an invalid PHPSESSID cookie, which reveals the installation path in an error message.Referenceshttp://osvdb.org/50325http://secunia.com/advisories/32950http://www.securityfocus.com/bid/32563http://packetstormsecurity.com/0811-exploits/rakhi-sqlxssfpd.txt
