EUVD-2007-0605

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Web-Agora 4.2.1 with register_globals enabled exposes path info due to insufficient access control.

Reporter	Title	Published	Views	Family All 7
CVE	CVE-2007-0607	20 Mar 200720:00	–	cve
Cvelist	CVE-2007-0607	20 Mar 200720:00	–	cvelist
NVD	CVE-2007-0607	20 Mar 200720:19	–	nvd
Packet Storm	wagora-disclose.txt	20 Mar 200700:00	–	packetstorm
Prion	Improper access control	20 Mar 200720:19	–	prion
securityvulns	w-agora version 4.2.1 Information Disclosure Vulnerability	19 Mar 200700:00	–	securityvulns
securityvulns	Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)	19 Mar 200700:00	–	securityvulns

[
  {
    "enisaIdVendor": [
      {
        "id": "30f3cddf-edc4-37c7-83e7-fd0ffab2b0b9",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "aa25c285-4d3d-37df-81f3-6a25633b88a9",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2007-0607
securityreason	www.securityreason.com/securityalert/2465
netvigilance	www.netvigilance.com/advisory0015
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/33073
lists	www.lists.grok.org.uk/pipermail/full-disclosure/2007-March/053054.html
osvdb	www.osvdb.org/31670
securityfocus	www.securityfocus.com/archive/1/463215/100/0/threaded
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.4Medium risk

Vulners AI Score6.4

CVSS 24.3

EPSS0.00622