W-Agora Site Parameter Remote Directory Traversal Flaw Network Vulnerability

Summary

The remote host is running w-agora, a web-based forum management software written in PHP. The remote version of this software is prone to directory traversal attacks. An attacker could send specially crafted URL to read arbitrary files on the remote system with the privileges of the web server process.

Solution

Upgrade to the newest version of this software

Severity

Classification

CVE CVE-2005-2648
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apple Safari Multiple Vulnerabilities
Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability
Adobe ColdFusion Multiple Vulnerabilities-03 May-2014
Apache ActiveMQ Multiple Vulnerabilities
Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability

w-Agora Site parameter remote directory traversal flaw

Take action and discover your vulnerabilities