CVE-2002-2128

CVE-2002-2128

EPSS 0.4%

editform.php in w-Agora 4.1.5 allows local users to execute arbitrary PHP code via .. (dot dot) sequences in the file parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://archives.neohapsis.com/archives/bugtraq/2002-12/0222.html http://archives.neohapsis.com/archives/bugtraq/2002-12/0225.html http://www.iss.net/security_center/static/10919.php http://www.securityfocus.com/bid/6463