CVE-2005-2324
Clever Copy 2.0 and 2.0a - Cross-Site Scripting via Search Parameters
Title source: llmExploitation Summary
EIP tracks 2 public exploits for CVE-2005-2324. PoCs published by Lostmon.
AI-analyzed exploit summary This exploit demonstrates multiple XSS vulnerabilities in Clever Copy by injecting arbitrary script code via unsanitized user input in the 'searchtype' and 'searchterm' parameters. The PoC provides specific URLs to trigger the vulnerabilities.
Description
Cross-site scripting (XSS) vulnerability in Clever Copy 2.0 and 2.0a allows remote attackers to inject arbitrary web script or HTML via the searchtype or searchterm parameters to (1) results.php or (2) categorysearch.php.
Exploits (2)
This exploit demonstrates multiple XSS vulnerabilities in Clever Copy by injecting arbitrary script code via unsanitized user input in the 'searchtype' and 'searchterm' parameters. The PoC provides specific URLs to trigger the vulnerabilities.
The exploit demonstrates XSS vulnerabilities in Clever Copy by injecting arbitrary script code via unsanitized input parameters in the 'categorysearch.php' page. The PoC provides specific URLs with malicious payloads to trigger the vulnerability.