Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbXatr0zEDB-ID:22109
HistoryDec 22, 2002 - 12:00 a.m.

W-Agora 4.1.6 - 'EditForm.php' Cross-Site Scripting

2002-12-2200:00:00
xatr0z
www.exploit-db.com
13

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/6464/info

W-Agora is a freely available, open source PHP forum software package. It is available for Unix and Linux systems.

A problem with W-Agora may make cross-site scripting attacks possible.

It has been reported that W-Agora has a vulnerability in the handling of script code. It is possible to format a malicious link containing arbitrary script code or HTML that when clicked on would execute in the security context of the vulnerable site. This would result in a browser security violation, and could lead to the theft of authentication cookies of administrators.

<URL:/editform.php?site=agora&blah=">Bug!>

AI Score

7.4

Confidence

Low

JSON