Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1878

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-1878
Last Modified 05 Sep 2008 04:31:44
Published 31 Dec 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1878

Summary

PHP remote file inclusion vulnerability in w-Agora 4.1.3 allows remote attackers to execute arbitrary PHP code via the inc_dir parameter.

Vulnerable Systems

Application

  • W-agora 4.1.1

  • W-agora 4.1.2

  • W-agora 4.1.3


References

XF - wagora-file-include(9317)

CONFIRM - http://www.w-agora.net/current/view.php?site=support&bn=support_dl&key=1023878911&first=1023878911&last=957369563

BID - 4977

MISC - http://www.ifrance.com/kitetoua/tuto/W-Agora.txt

BUGTRAQ - 20020608 Security holes in LokwaBB and W-Agora


Last Updated: 27 May 2016 10:37:31