Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
agora vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-6562
XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=file&targetObjId=fileFolder-2&targetObjIdChild=[XSS] attack.
Agora-project Agora-project 3.2.2
4.6
CVSSv2
CVE-2002-2128
editform.php in w-Agora 4.1.5 allows local users to execute arbitrary PHP code via .. (dot dot) sequences in the file parameter.
W-agora W-agora 4.1.5
4.3
CVSSv2
CVE-2002-2129
Cross-site scripting vulnerability (XSS) in editform.php for w-Agora 4.1.5 allows remote malicious users to execute arbitrary web script via an arbitrary form field name containing the script, which is echoed back to the user when displaying the form.
W-agora W-agora 4.1.5
1 EDB exploit
6.8
CVSSv2
CVE-2006-7194
PHP remote file inclusion vulnerability in modules/Mysqlfinder/MysqlfinderAdmin.php in Agora 1.4 RC1, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the _SESSION[PATH_COMPOSANT] parameter.
Republique Francaise Agora 1.4 Rc1
1 EDB exploit
4.3
CVSSv2
CVE-2020-25605
Cleartext transmission of sensitive information in Agora Video SDK before 3.1 allows a remote malicious user to obtain access to audio and video of any ongoing Agora video call through observation of cleartext network traffic.
Agora Video Software Development Kit
6.8
CVSSv2
CVE-2009-3053
Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the action parameter to the avatars page, reachable through index.php.
Jvitals Com Agora 3.0.0b
1 EDB exploit
6.4
CVSSv2
CVE-2021-38621
The remove API in v1/controller/cloudStorage/alibabaCloud/remove/index.ts in netless Agora Flat Server prior to 2021-07-30 mishandles file ownership.
Netless Flat Server
7.5
CVSSv2
CVE-2001-1199
Cross-site scripting vulnerability in agora.cgi for Agora 3.0a up to and including 4.0g, when debug mode is enabled, allows remote malicious users to execute Javascript on other clients via the cart_id parameter.
Steve Kneizys Agora.cgi 4.0d
Steve Kneizys Agora.cgi 3.3e
Steve Kneizys Agora.cgi 3.3b
Steve Kneizys Agora.cgi 3.3c
Steve Kneizys Agora.cgi 3.2f
Steve Kneizys Agora.cgi 3.2r
Steve Kneizys Agora.cgi 3.2
Steve Kneizys Agora.cgi 3.3j
Steve Kneizys Agora.cgi 3.2l
Steve Kneizys Agora.cgi 3.2k
Steve Kneizys Agora.cgi 3.2d
Steve Kneizys Agora.cgi 3.2p
Steve Kneizys Agora.cgi 3.2j
Steve Kneizys Agora.cgi 3.2ja
Steve Kneizys Agora.cgi 3.2e
Steve Kneizys Agora.cgi 4.0b
Steve Kneizys Agora.cgi 3.2g
Steve Kneizys Agora.cgi 3.2b
Steve Kneizys Agora.cgi 3.3f
Steve Kneizys Agora.cgi 3.2m
Steve Kneizys Agora.cgi 3.3i
Steve Kneizys Agora.cgi 4.0
1 EDB exploit
5
CVSSv2
CVE-2011-5087
Unspecified vulnerability in AdAstrA TRACE MODE Data Center allows remote malicious users to read arbitrary files via unknown vectors, as demonstrated by the GLEG Agora SCADA+ Exploit Pack for Immunity CANVAS.
Adastra Trace Mode Data Center -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3