CVE

Id
23964  
CVE No.
CVE-2007-0607  
Status
Candidate  
Description
W-Agora (Web-Agora) 4.2.1, when register_globals is enabled, stores globals.inc under the web document root with insufficient access control, which allows remote attackers to obtain application path information via a direct request.  
Phase
Assigned (20070130)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
233529 23964 CVE-2007-0607 BUGTRAQ:20070319 w-agora version 4.2.1 Information Disclosure Vulnerability  View
233530 23964 CVE-2007-0607 URL:http://www.securityfocus.com/archive/1/archive/1/463215/100/0/threaded  View
233531 23964 CVE-2007-0607 FULLDISC:20070319 w-agora version 4.2.1 Information Disclosure Vulnerability  View
233532 23964 CVE-2007-0607 URL:http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/053054.html  View
233533 23964 CVE-2007-0607 MISC:http://www.netvigilance.com/advisory0015  View
233534 23964 CVE-2007-0607 OSVDB:31670  View
233535 23964 CVE-2007-0607 URL:http://www.osvdb.org/31670  View
233536 23964 CVE-2007-0607 SREASON:2465  View
233537 23964 CVE-2007-0607 URL:http://securityreason.com/securityalert/2465  View
233538 23964 CVE-2007-0607 XF:wagora-globals-information-disclosure(33073)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
52787 JVNDB-2007-001479 Advanced Guestbook におけるディレクトリトラバーサルの脆弱性 Advanced Guestbook には、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2007-0609 23964 5.1 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001479.html  View