CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 3CVE-2007-1606 – W-Agora 4.2.1 - 'change_password.php?userid' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-1606
Multiple cross-site scripting (XSS) vulnerabilities in w-Agora (Web-Agora) allow remote attackers to inject arbitrary web script or HTML via (1) the showuser parameter to profile.php, the (2) search_forum or (3) search_user parameter to search.php, or (4) the userid parameter to change_password.php. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en w-Agora (Web-Agora) permiten a atacantes remotos inyectar scripts web o HTML de su elección mediante (1) el parámetro showuser en profile.php (2) el parámetro search_forum ó (3) el parámetro search_user en search.php, ó (4) el parámetro userid en change_password.php. • https://www.exploit-db.com/exploits/29766 https://www.exploit-db.com/exploits/29764 https://www.exploit-db.com/exploits/29765 http://osvdb.org/34377 http://osvdb.org/34378 http://osvdb.org/34379 http://secunia.com/advisories/24605 http://securityreason.com/securityalert/2462 http://www.securityfocus.com/archive/1/463286/100/0/threaded http://www.securityfocus.com/bid/23057 https://exchange.xforce.ibmcloud.com/vulnerabilities/33175 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2007-1605
https://notcve.org/view.php?id=CVE-2007-1605
w-Agora (Web-Agora) allows remote attackers to obtain sensitive information via a request to rss.php with an invalid (1) site or (2) bn parameter, (3) a certain value of the site[] parameter, or (4) an empty value of the bn[] parameter; a request to index.php with a certain value of the (5) site[] or (6) sort[] parameter; (7) a request to profile.php with an empty value of the site[] parameter; or a request to search.php with (8) an empty value of the bn[] parameter or a certain value of the (9) pattern[] or (10) search_date[] parameter, which reveal the path in various error messages, probably related to variable type inconsistencies. NOTE: the bn[] parameter to index.php is already covered by CVE-2007-0606.1. w-Agora (Web-Agora) permite a atacantes remotos obtener información confidencial mediante una petición a rss.php con (1) parámetro inválido site ó (2) parámetro inválido bn, (3) valor concreto de parámetro site[], ó (4) valor vacío de parámetro bn[]; una petición a index.php con valor concreto de (5) parámetro site[] ó (6) parámetro sort[]; (7) una petición a profile.php with von valor vacío de parámetro site[] ; ó una petición a search.php con (8) valor vacío de parámetro bn[] ó valor concreto de (9) parámetro pattern[] ó (10) parámetro search_date[], que revela la ruta en varios mensajes de error, probablemente relacionados con inconsistencias de tipo de variable NOTE: el parámetro bn[] en index.php está cubierto por CVE-2007-0606.1. • http://osvdb.org/34380 http://osvdb.org/34381 http://osvdb.org/34382 http://secunia.com/advisories/24605 http://securityreason.com/securityalert/2462 http://www.securityfocus.com/archive/1/463286/100/0/threaded http://www.securityfocus.com/bid/23057 https://exchange.xforce.ibmcloud.com/vulnerabilities/33174 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2007-1607
https://notcve.org/view.php?id=CVE-2007-1607
search.php in w-Agora (Web-Agora) allows remote attackers to obtain potentially sensitive information via a ' (quote) value followed by certain SQL sequences in the (1) search_forum or (2) search_user parameter, which force a SQL error. search.php in w-Agora (Web-Agora) permite a atacantes remotos obtener información confidencial potencial mediante un valor ' (comilla) seguido de sentencias SQL concretas en el parámetro (1) search_forum ó (2) search_user, que fuerzan un error SQL. • http://osvdb.org/34376 http://secunia.com/advisories/24605 http://securityreason.com/securityalert/2462 http://www.securityfocus.com/archive/1/463286/100/0/threaded http://www.securityfocus.com/bid/23057 https://exchange.xforce.ibmcloud.com/vulnerabilities/33177 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2007-0606
https://notcve.org/view.php?id=CVE-2007-0606
w-agora 4.2.1 allows remote attackers to obtain sensitive information by via the (1) bn[] array parameter to index.php, which expects a string, and (2) certain parameters to delete_forum.php, which displays the path name in the resulting error message. w-agora 4.2.1 permite a atacantes remotos obtener información sensible mediante (1)el parámetro matriz bn[] en el index.php,que espera una cadena y (2) ciertos parámetros del delete_forum.php que muestran el nombre de la ruta en el resultado de un mensaje de error. • http://securityreason.com/securityalert/2461 http://www.netvigilance.com/advisory0014 http://www.osvdb.org/31668 http://www.osvdb.org/31669 http://www.securityfocus.com/archive/1/463213/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/33076 •
CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 1CVE-2007-0607
https://notcve.org/view.php?id=CVE-2007-0607
W-Agora (Web-Agora) 4.2.1, when register_globals is enabled, stores globals.inc under the web document root with insufficient access control, which allows remote attackers to obtain application path information via a direct request. W-Agora (Web-Agora) 4.2.1, cuando register_globals está activado, almacena globals.inc bajo la raíz de documentos web con control de acceso insuficiente, lo cual permite a atacantes remotos obtener información sobre la ruta de la aplicación mediante una petición directa. w-agora version 4.2.1 suffers from an information disclosure vulnerability. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/053054.html http://securityreason.com/securityalert/2465 http://www.netvigilance.com/advisory0015 http://www.osvdb.org/31670 http://www.securityfocus.com/archive/1/463215/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/33073 •