CVE-2005-2325
Last modified
CVE-2005-2325 is a vulnerability of currently unknown severity. Clever Copy 2.0 and 2.0a allows remote attackers to obtain the full path of the web root via a direct request to (1) ticker.php, (2) menu.php, (3) banned.php, (4) endlayout.php, (5) randomhlinesblock.php, (6) showlast.php, (7) showlast5class1.php, (8) showlast5phorum.php, (9) showlast5phorumblock.php, (10) showlastforumbb2.php, or (11) showlastforumbb2block.php.. EPSS estimates a 1.85% chance of exploitation in the next 30 days.
Description
Clever Copy 2.0 and 2.0a allows remote attackers to obtain the full path of the web root via a direct request to (1) ticker.php, (2) menu.php, (3) banned.php, (4) endlayout.php, (5) randomhlinesblock.php, (6) showlast.php, (7) showlast5class1.php, (8) showlast5phorum.php, (9) showlast5phorumblock.php, (10) showlastforumbb2.php, or (11) showlastforumbb2block.php.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Clever Copy | Clever Copy | 2.0 |
| Clever Copy | Clever Copy | 2.0a |
References
- http://lostmon.blogspot.com/2005/07/clever-copy-path-disclosure-and-xss.htmlExploit, Vendor Advisory
- http://lostmon.blogspot.com/2005/07/clever-copy-path-disclosure-and-xss.htmlExploit, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2005-2325?
How severe is CVE-2005-2325?
How do I fix CVE-2005-2325?
Are you affected by CVE-2005-2325?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST