10 matches found
Clever Copy 2.0 Private Message Unauthorized Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14397/info Clever Copy is affected by an unauthorized access vulnerability. This issue is due to a failure in the application to perform proper access validation checks before granting access to private message functions...
Clever Copy 2.0 categorysearch.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14395/info Clever Copy is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues...
Clever Copy 2.0/3.0 - Multiple HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/16607/info Clever Copy is prone to multiple HTML-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and scrip...
Clever Copy 2.0 results.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14395/info Clever Copy is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues...
Cross site scripting
Cross-site scripting XSS vulnerability in Clever Copy 2.0, 2.0a, and 3.0 allows remote attackers to inject arbitrary web script or HTML via the 1 Referer or 2 X-Forwarded-For headers in an HTTP request, which are not properly handled when the administrator accesses Site Stats...
CVE-2006-0627
CVE-2006-0627 affects Clever Copy (versions 2.0, 2.0a, and 3.0). The vulnerability is a cross-site scripting flaw where HTTP Referer and HTTP_X_FORWARDED_FOR headers are not properly handled when an administrator accesses Site Stats, allowing injection of arbitrary script/HTML. The provided docum...
Clever Copy 2.0 - Private Message Unauthorized Access
source: https://www.securityfocus.com/bid/14397/info Clever Copy is affected by an unauthorized access vulnerability. This issue is due to a failure in the application to perform proper access validation checks before granting access to private message functions. An attacker can exploit this...
CVE-2005-2326
Cross-site scripting XSS vulnerability in Clever Copy 2.0 and 2.0a allows remote attackers to inject arbitrary web script or HTML via the yr parameter to calendar.php...
CVE-2005-2324
Cross-site scripting XSS vulnerability in Clever Copy 2.0 and 2.0a allows remote attackers to inject arbitrary web script or HTML via the searchtype or searchterm parameters to 1 results.php or 2 categorysearch.php...
Clever Copy 2.0 - 'calendar.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/14278/info A cross-site scripting vulnerability affects Clever Copy. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages. An attacker may leverage this issue...