CVSS: 9.8EPSS: 3%CPEs: 16EXPL: 2CVE-2010-4867 – W-Agora 4.2.1 - 'search.php3?bn' Traversal Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-4867
05 Oct 2011 — Directory traversal vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the bn parameter. Vulnerabilidad de salto de directorio en search.php3 (search.php) de W-Agora 4.2.1 y versiones anteriores. Permite a atacantes remotos incluir y ejecutar archivos locales arbitrarios a través de .. (punto punto) en el parámetro bn. • https://www.exploit-db.com/exploits/34905 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 2%CPEs: 16EXPL: 3CVE-2010-4868 – W-Agora 4.2.1 - 'search.php?bn' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-4868
05 Oct 2011 — Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the bn parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en search.php3 (search.php) de W-Agora 4.2.1 y versiones anteriores. Permite a usuarios remotos inyectar codigo de script web o código HTML de su elección a través del parámetro bn. • https://www.exploit-db.com/exploits/34906 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 10CVE-2008-1466 – W-Agora 4.0 - 'add_user.php?bn_dir_default' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2008-1466
24 Mar 2008 — Multiple PHP remote file inclusion vulnerabilities in W-Agora 4.0 allow remote attackers to execute arbitrary PHP code via a URL in the bn_dir_default parameter to (1) add_user.php, (2) create_forum.php, (3) create_user.php, (4) delete_notes.php, (5) delete_user.php, (6) edit_forum.php, (7) mail_users.php, (8) moderate_notes.php, and (9) reorder_forums.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Múltiples vulnerabilidades de inclusi... • https://www.exploit-db.com/exploits/31449 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2007-6647 – w-Agora 4.2.1 - 'cat' SQL Injection
https://notcve.org/view.php?id=CVE-2007-6647
04 Jan 2008 — SQL injection vulnerability in index.php in w-Agora 4.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. Vulnerabilidad de inyección SQL en index.php de w-Agora 4.2.1 y anteriores permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro cat. • https://www.exploit-db.com/exploits/4817 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 2CVE-2007-1604 – W-Agora 4.2.1 - Multiple Arbitrary File Upload Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-1604
22 Mar 2007 — Multiple unrestricted file upload vulnerabilities in w-Agora (Web-Agora) allow remote attackers to upload and execute arbitrary PHP code (1) via a forum message with an attached file, which is stored under forums/hello/hello/notes/ or (2) by using browse_avatar.php to upload a file with a double extension, as demonstrated by .php.jpg. Múltiples vulnerabilidades de promoción de ficheros no restringida en w-Agora (Web-Agora) permiten a atacantes remotos promocionar y ejecutar código PHP de su elección (1) med... • https://www.exploit-db.com/exploits/29763 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2007-1605
https://notcve.org/view.php?id=CVE-2007-1605
22 Mar 2007 — w-Agora (Web-Agora) allows remote attackers to obtain sensitive information via a request to rss.php with an invalid (1) site or (2) bn parameter, (3) a certain value of the site[] parameter, or (4) an empty value of the bn[] parameter; a request to index.php with a certain value of the (5) site[] or (6) sort[] parameter; (7) a request to profile.php with an empty value of the site[] parameter; or a request to search.php with (8) an empty value of the bn[] parameter or a certain value of the (9) pattern[] o... • http://osvdb.org/34380 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 3CVE-2007-1606 – W-Agora 4.2.1 - 'change_password.php?userid' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-1606
22 Mar 2007 — Multiple cross-site scripting (XSS) vulnerabilities in w-Agora (Web-Agora) allow remote attackers to inject arbitrary web script or HTML via (1) the showuser parameter to profile.php, the (2) search_forum or (3) search_user parameter to search.php, or (4) the userid parameter to change_password.php. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en w-Agora (Web-Agora) permiten a atacantes remotos inyectar scripts web o HTML de su elección mediante (1) el parámetro showuser en ... • https://www.exploit-db.com/exploits/29766 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2007-1607
https://notcve.org/view.php?id=CVE-2007-1607
22 Mar 2007 — search.php in w-Agora (Web-Agora) allows remote attackers to obtain potentially sensitive information via a ' (quote) value followed by certain SQL sequences in the (1) search_forum or (2) search_user parameter, which force a SQL error. search.php in w-Agora (Web-Agora) permite a atacantes remotos obtener información confidencial potencial mediante un valor ' (comilla) seguido de sentencias SQL concretas en el parámetro (1) search_forum ó (2) search_user, que fuerzan un error SQL. • http://osvdb.org/34376 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2007-0606
https://notcve.org/view.php?id=CVE-2007-0606
21 Mar 2007 — w-agora 4.2.1 allows remote attackers to obtain sensitive information by via the (1) bn[] array parameter to index.php, which expects a string, and (2) certain parameters to delete_forum.php, which displays the path name in the resulting error message. w-agora 4.2.1 permite a atacantes remotos obtener información sensible mediante (1)el parámetro matriz bn[] en el index.php,que espera una cadena y (2) ciertos parámetros del delete_forum.php que muestran el nombre de la ruta en el resultado de un mensaje de ... • http://securityreason.com/securityalert/2461 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2007-0607
https://notcve.org/view.php?id=CVE-2007-0607
20 Mar 2007 — W-Agora (Web-Agora) 4.2.1, when register_globals is enabled, stores globals.inc under the web document root with insufficient access control, which allows remote attackers to obtain application path information via a direct request. W-Agora (Web-Agora) 4.2.1, cuando register_globals está activado, almacena globals.inc bajo la raíz de documentos web con control de acceso insuficiente, lo cual permite a atacantes remotos obtener información sobre la ruta de la aplicación mediante una petición directa. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/053054.html •