CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-0606

w-agora 4.2.1 allows remote attackers to obtain sensitive information by via the (1) bn[] array parameter to index.php, which expects a string, and (2) certain parameters to delete_forum.php, which displays the path name in the resulting error message.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.6%

CVSS Severity

CVSS v2 Score 5.0

References

http://securityreason.com/securityalert/2461
http://www.netvigilance.com/advisory0014
http://www.osvdb.org/31668
http://www.osvdb.org/31669
http://www.securityfocus.com/archive/1/463213/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/33076
http://securityreason.com/securityalert/2461
http://www.netvigilance.com/advisory0014
http://www.osvdb.org/31668
http://www.osvdb.org/31669
http://www.securityfocus.com/archive/1/463213/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/33076

Products affected by CVE-2007-0606

W-Agora » W-Agora » Version: 4.2.1

cpe:2.3:a:w-agora:w-agora:4.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-0606

Products

Pricing

Contact Us