CVE-2004-1562

Properties

Published:
30.12.2004
Updated:
20.10.2005
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N) Approximated
Product:
W-Agora: W-Agora

Vulnerability description

SQL injection vulnerability in redir_url.php in w-Agora 4.1.6a allows remote attackers to execute arbitrary SQL commands via the key parameter.

References:

BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=109655691512298&w=2
FULLDISC: http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/027040.html
BID: http://www.securityfocus.com/bid/11283
SECUNIA: http://secunia.com/advisories/12695
XF: http://xforce.iss.net/xforce/xfdb/17557
BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=109655691512298&w=2
SECTRACK: http://securitytracker.com/id?1011463