2 matches found
CVE-2004-1565
CVE-2004-1565 affects w-Agora 4.1.6a: list.php exposes the full server path via a crafted HTTP request to an id parameter (path disclosure). The connected Nessus entry notes multiple input validation issues in the remote software, including SQL injection and XSS vectors, but does not provide a pa...
CVE-2004-1565
list.php in w-Agora 4.1.6a allows remote attackers to reveal the full path via a crafted HTTP request, possibly involving a malformed id parameter...