Zope Invalid Query Path Disclosure
Medium Nessus Plugin ID 11769
SynopsisThe remote web server contains an application server that is prone to an information disclosure attack.
DescriptionThe remote Zope web server may be forced into disclosing its physical path when calling 'Examples/ShoppingCart/addItems' with a blank quantity.
Note that this install is also likely to be affected by several other vulnerabilities, although Nessus has not checked for them.
SolutionDelete the directory '/Examples'.