Vulnerabilities > W Agora > W Agora > 4.1.5

DATE CVE VULNERABILITY TITLE RISK
2011-10-05 CVE-2010-4868 Cross-Site Scripting vulnerability in W-Agora
Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the bn parameter.
network
w-agora CWE-79
4.3
2011-10-05 CVE-2010-4867 Path Traversal vulnerability in W-Agora
Directory traversal vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..
network
low complexity
w-agora CWE-22
7.5
2002-12-31 CVE-2002-2129 Cross-Site Scripting vulnerability in W-Agora 4.1.5
Cross-site scripting vulnerability (XSS) in editform.php for w-Agora 4.1.5 allows remote attackers to execute arbitrary web script via an arbitrary form field name containing the script, which is echoed back to the user when displaying the form.
network
w-agora
4.3
2002-12-31 CVE-2002-2128 Unspecified vulnerability in W-Agora 4.1.5
editform.php in w-Agora 4.1.5 allows local users to execute arbitrary PHP code via ..
local
low complexity
w-agora
4.6