Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
w-agora w-agora 4.1.6a vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2004-1563
Multiple cross-site scripting (XSS) vulnerabilities in w-Agora 4.1.6a allow remote malicious users to execute arbitrary web script or HTML via the (1) thread parameter to download_thread.php, (2) loginuser parameter to login.php, or (3) userid parameter to forgot_password.php.
W-agora W-agora 4.1.6a
3 EDB exploits
7.5
CVSSv2
CVE-2004-1562
SQL injection vulnerability in redir_url.php in w-Agora 4.1.6a allows remote malicious users to execute arbitrary SQL commands via the key parameter.
W-agora W-agora 4.1.6a
1 EDB exploit
5
CVSSv2
CVE-2004-1564
CRLF injection vulnerability in subscribe_thread.php in w-Agora 4.1.6a allows remote malicious users to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the thread parameter.
W-agora W-agora 4.1.6a
1 EDB exploit
5
CVSSv2
CVE-2004-1565
list.php in w-Agora 4.1.6a allows remote malicious users to reveal the full path via a crafted HTTP request, possibly involving a malformed id parameter.
W-agora W-agora 4.1.6a
7.5
CVSSv2
CVE-2010-4867
Directory traversal vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the bn parameter.
W-agora W-agora 4.0.3
W-agora W-agora 4.1.0
W-agora W-agora 4.1.7
W-agora W-agora
W-agora W-agora 4.2.0
W-agora W-agora 4.1.1
W-agora W-agora 4.1.2
W-agora W-agora 4.1.3
W-agora W-agora 4.0.2
W-agora W-agora 4.0.2a
W-agora W-agora 4.1.6
W-agora W-agora 4.1.6a
W-agora W-agora 4.0.0
W-agora W-agora 4.0.1
W-agora W-agora 4.1.4
W-agora W-agora 4.1.5
1 EDB exploit
4.3
CVSSv2
CVE-2010-4868
Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the bn parameter.
W-agora W-agora 4.0.3
W-agora W-agora 4.1.0
W-agora W-agora 4.1.6a
W-agora W-agora 4.1.7
W-agora W-agora
W-agora W-agora 4.2.0
W-agora W-agora 4.1.1
W-agora W-agora 4.1.2
W-agora W-agora 4.0.2
W-agora W-agora 4.0.2a
W-agora W-agora 4.1.5
W-agora W-agora 4.1.6
W-agora W-agora 4.0.0
W-agora W-agora 4.0.1
W-agora W-agora 4.1.3
W-agora W-agora 4.1.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started