Page 5 of 24 results (0.008 seconds)

CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 3

CRLF injection vulnerability in subscribe_thread.php in w-Agora 4.1.6a allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the thread parameter. • https://www.exploit-db.com/exploits/24651 http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/027040.html http://marc.info/?l=bugtraq&m=109655691512298&w=2 http://secunia.com/advisories/12695 http://securitytracker.com/id?1011463 http://www.securityfocus.com/bid/11283 https://exchange.xforce.ibmcloud.com/vulnerabilities/17558 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2

Cross-site scripting vulnerability (XSS) in editform.php for w-Agora 4.1.5 allows remote attackers to execute arbitrary web script via an arbitrary form field name containing the script, which is echoed back to the user when displaying the form. • https://www.exploit-db.com/exploits/22109 http://archives.neohapsis.com/archives/bugtraq/2002-12/0222.html http://archives.neohapsis.com/archives/bugtraq/2002-12/0225.html http://www.securityfocus.com/bid/6464 https://exchange.xforce.ibmcloud.com/vulnerabilities/10920 •

CVSS: 5.0EPSS: 5%CPEs: 3EXPL: 4

PHP remote file inclusion vulnerability in w-Agora 4.1.3 allows remote attackers to execute arbitrary PHP code via the inc_dir parameter. • https://www.exploit-db.com/exploits/21529 http://archives.neohapsis.com/archives/bugtraq/2002-06/0055.html http://www.ifrance.com/kitetoua/tuto/W-Agora.txt http://www.iss.net/security_center/static/9317.php http://www.securityfocus.com/bid/4977 http://www.w-agora.net/current/view.php?site=support&bn=support_dl&key=1023878911&first=1023878911&last=957369563 •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

editform.php in w-Agora 4.1.5 allows local users to execute arbitrary PHP code via .. (dot dot) sequences in the file parameter. • http://archives.neohapsis.com/archives/bugtraq/2002-12/0222.html http://archives.neohapsis.com/archives/bugtraq/2002-12/0225.html http://www.iss.net/security_center/static/10919.php http://www.securityfocus.com/bid/6463 •