Directory traversal vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the bn parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
w-agora w-agora 4.0.3 |
||
w-agora w-agora 4.1.0 |
||
w-agora w-agora 4.1.7 |
||
w-agora w-agora |
||
w-agora w-agora 4.2.0 |
||
w-agora w-agora 4.1.1 |
||
w-agora w-agora 4.1.2 |
||
w-agora w-agora 4.1.3 |
||
w-agora w-agora 4.0.2 |
||
w-agora w-agora 4.0.2a |
||
w-agora w-agora 4.1.6 |
||
w-agora w-agora 4.1.6a |
||
w-agora w-agora 4.0.0 |
||
w-agora w-agora 4.0.1 |
||
w-agora w-agora 4.1.4 |
||
w-agora w-agora 4.1.5 |