2 matches found
CVE-2007-1604
Multiple unrestricted file upload vulnerabilities in w-Agora Web-Agora allow remote attackers to upload and execute arbitrary PHP code 1 via a forum message with an attached file, which is stored under forums/hello/hello/notes/ or 2 by using browseavatar.php to upload a file with a double...
CVE-2007-1604
CVE-2007-1604 affects w-Agora (Web-Agora). The vulnerability consists of multiple unrestricted file upload flaws that enable remote attackers to upload and execute arbitrary PHP code. Specifically, an attacker can (1) attach a file to a forum message stored under forums/hello/hello/notes/ or (2) ...