2 matches found
CVE-2004-1563
Multiple cross-site scripting XSS vulnerabilities in w-Agora 4.1.6a allow remote attackers to execute arbitrary web script or HTML via the 1 thread parameter to downloadthread.php, 2 loginuser parameter to login.php, or 3 userid parameter to forgotpassword.php...
CVE-2004-1563
CVE-2004-1563 concerns multiple XSS flaws in w-Agora 4.1.6a. The affected component is the web-based forum software (PHP) and the vulnerable vectors are: (1) thread parameter in download_thread.php, (2) loginuser parameter in login.php, and (3) userid parameter in forgot_password.php. The underly...