search.php in w-Agora (Web-Agora) allows remote malicious users to obtain potentially sensitive information via a ' (quote) value followed by certain SQL sequences in the (1) search_forum or (2) search_user parameter, which force a SQL error.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
w-agora w-agora 4.2.1 |