Lucene search
HistoryMar 21, 2007 - 7:19 p.m.
CVE-2007-0606
w-agora
vulnerability
sensitive information
remote attack
cve-2007-0606
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.007 Low
EPSS
Percentile
80.6%
w-agora 4.2.1 allows remote attackers to obtain sensitive information by via the (1) bn[] array parameter to index.php, which expects a string, and (2) certain parameters to delete_forum.php, which displays the path name in the resulting error message.
| CPE | Name | Operator | Version |
|---|---|---|---|
| w-agora:w-agora | w-agora | eq | 4.2.1 |
Related
securityvulns
securityvulns
w-agora version 4.2.1 Multiple Path Disclosure Vulnerabilities
2007-03-19 00:00:00
prion
prion
Design/Logic Flaw
2007-03-21 19:19:00
Design/Logic Flaw
2007-03-22 23:19:00
cve
cve
CVE-2007-1605
2007-03-22 23:19:00
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.007 Low
EPSS
Percentile
80.6%
Related for CVE-2007-0606