Family: CGI abuses --> Category: attack
Clever Copy connect.inc Information Disclosure Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Reads Clever Copy's admin/connect.inc file
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP application that is affected by
an information disclosure flaw.
The remote host is running Clever Copy, a free web portal written in
The version of Clever Copy installed on the remote host fails to limit
access to the 'admin/connect.inc' include file, which contains
information used by the application to connect to a database. An
unauthenticated attacker can view the contents of this file using a
simple GET command and use the information to launch other attacks
against the affected host.
See also :
Limit access to Clever Copy's admin directory using, say, a .htaccess
Low / CVSS Base Score : 2
Click HERE for more information and discussions on this network vulnerability scan.