Clever Copy 2.0 and 2.0a allows remote malicious users to obtain the full path of the web root via a direct request to (1) ticker.php, (2) menu.php, (3) banned.php, (4) endlayout.php, (5) randomhlinesblock.php, (6) showlast.php, (7) showlast5class1.php, (8) showlast5phorum.php, (9) showlast5phorumblock.php, (10) showlastforumbb2.php, or (11) showlastforumbb2block.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
clever copy clever copy 2.0a |
||
clever copy clever copy 2.0 |