Back to search
CVE-2007-0606
Published: Mar 21, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
w-agora 4.2.1 allows remote attackers to obtain sensitive information by via the (1) bn[] array parameter to index.php, which expects a string, and (2) certain parameters to delete_forum.php, which displays the path name in the resulting error message.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
wagora-deleteforumindex-path-disclosure(33076)
vdb-entry
x_refsource_XF
20070319 w-agora version 4.2.1 Multiple Path Disclosure Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
31669
vdb-entry
x_refsource_OSVDB
31668
vdb-entry
x_refsource_OSVDB
2461
third-party-advisory
x_refsource_SREASON
http://www.netvigilance.com/advisory0014
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now