CVE-2007-0606 in w-agora
摘要
由 VulDB • 2026-07-04
w-agora 4.2.1允许远程攻击者通过以下途径获取敏感信息:(1)向index.php传递bn[]数组参数,该脚本期望接收字符串;以及 (2)向delete_forum.php传递特定参数,后者会在生成的错误消息中显示路径名。
If you want to get best quality of vulnerability data, you may have to visit VulDB.
由 VulDB • 2026-07-04
w-agora 4.2.1允许远程攻击者通过以下途径获取敏感信息:(1)向index.php传递bn[]数组参数,该脚本期望接收字符串;以及 (2)向delete_forum.php传递特定参数,后者会在生成的错误消息中显示路径名。
If you want to get best quality of vulnerability data, you may have to visit VulDB.