Steve Kneizys : Security Vulnerabilities, CVEs,

CVE-2002-0215

Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message.
Max CVSS
5.0
EPSS Score
0.50%
Published
2002-05-16
Updated
2008-09-11

CVE-2001-1199

Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.
Max CVSS
7.5
EPSS Score
9.37%
Published
2001-12-17
Updated
2008-09-05
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close