2 matches found
CVE-2007-1607
search.php in w-Agora Web-Agora allows remote attackers to obtain potentially sensitive information via a ' quote value followed by certain SQL sequences in the 1 searchforum or 2 searchuser parameter, which force a SQL error...
CVE-2007-1607
The CVE-2007-1607 entry concerns the w-Agora (Web-Agora) web app. The vulnerable component is search.php, where the (1) search_forum and (2) search_user parameters can be injected with a quote followed by certain SQL sequences, triggering a SQL error and potentially exposing sensitive information...