2 matches found
CVE-2007-0607
CVE-2007-0607 concerns w-agora 4.2.1 where enabling PHP register_globals allows disclosure of the contents of globals.inc by direct requests to the web document root, leaking server paths. The vulnerability stems from insufficient access control around globals.inc, enabling information disclosure...
wagora-disclose.txt
netVigilance Security Advisory 15 w-agora version 4.2.1 Information Disclosure Vulnerability Description: w-agora is a set of scripts written in PHP. This package is intended to allow users to share, exchange and publish information, files and discussions over the web. It is possible to disclose...