Test ID:	19392
Category:	CGI abuses
Title:	Multiple vulnerabilities in Clever Copy
Summary:	Checks for XSS in results.php
Description:	Synopsis : The remote web server contains a PHP application that is affected by multiple issues. Description : The remote host is running Clever Copy, a free, fully-scalable web site portal and news posting system written in PHP The remote version of this software contains multiple vulnerabilities that can lead to path disclosure, cross-site scripting and unauthorized access to private messages See also : http://lostmon.blogspot.com/2005/07/clever-copy-calendarphp-yr-variable.html http://lostmon.blogspot.com/2005/07/clever-copy-path-disclosure-and-xss.html http://lostmon.blogspot.com/2005/07/clever-copy-unauthorized-read-delete.html Solution : Unknown at this time. Risk factor : Low / CVSS Base Score : 2 (AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:N)
Cross-Ref:	BugTraq ID: 14278 BugTraq ID: 14395 BugTraq ID: 14397 Common Vulnerability Exposure (CVE) ID: CVE-2005-2324 http://lostmon.blogspot.com/2005/07/clever-copy-path-disclosure-and-xss.html Common Vulnerability Exposure (CVE) ID: CVE-2005-2325 Common Vulnerability Exposure (CVE) ID: CVE-2005-2326 http://lostmon.blogspot.com/2005/07/clever-copy-calendarphp-yr-variable.html
Copyright	Copyright (C) 2005 Josh Zlatin-Amishav

This is only one of 24975 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: