Clever Copy

Clever Copy

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2008-2909

Exploit
  • EPSS 0.51%
  • Veröffentlicht 30.06.2008 18:24:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter.

7.5

CVE-2008-1608

Exploit
  • EPSS 0.53%
  • Veröffentlicht 01.04.2008 16:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

SQL injection vulnerability in postview.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter, a different vector than CVE-2008-0363 and CVE-2006-0583.

4.3

CVE-2008-0362

  • EPSS 0.33%
  • Veröffentlicht 18.01.2008 22:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in gallery.php in Clever Copy 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the album parameter.

7.5

CVE-2008-0363

  • EPSS 0.59%
  • Veröffentlicht 18.01.2008 22:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to postcomment.php and the (2) album parameter to gallery.php.

5

CVE-2006-1718

Exploit
  • EPSS 6.19%
  • Veröffentlicht 11.04.2006 23:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Magus Perde Clever Copy 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to view the database username and password via a direct request for connect.inc.

4.3

CVE-2006-0796

  • EPSS 0.43%
  • Veröffentlicht 19.02.2006 21:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cross-site scripting (XSS) vulnerability in default.php in Clever Copy 3.0 allows remote attackers to inject arbitrary web script or HTML via the Subject field when sending private messages (privatemessages.php). NOTE: the provenance of this informat...

4.3

CVE-2006-0627

Exploit
  • EPSS 0.62%
  • Veröffentlicht 09.02.2006 19:06:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cross-site scripting (XSS) vulnerability in Clever Copy 2.0, 2.0a, and 3.0 allows remote attackers to inject arbitrary web script or HTML via the (1) Referer or (2) X-Forwarded-For headers in an HTTP request, which are not properly handled when the a...

7.5

CVE-2006-0583

Exploit
  • EPSS 1.67%
  • Veröffentlicht 08.02.2006 01:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

SQL injection vulnerability in mailarticle.php in Clever Copy 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter.

4.3

CVE-2005-2322

Exploit
  • EPSS 0.73%
  • Veröffentlicht 19.07.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cross-site scripting (XSS) vulnerability in Class-1 Forum 0.24.4 and 0.23.2, and Clever Copy with forums installed, allows remote attackers to inject arbitrary web script or HTML via the (1) viewuser_id or (2) group parameter to users.php.

7.5

CVE-2005-2323

Exploit
  • EPSS 0.75%
  • Veröffentlicht 19.07.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Multiple SQL injection vulnerabilities in Class-1 Forum 0.24.4 and 0.23.2, and Clever Copy with forums installed, allow remote attackers to modify SQL statements via the (1) id parameter to viewattach.php, (2) viewuser_id parameter to users.php, or t...