W-Agora 4.1.6a - 'subscribe_thread.php' HTTP Response Splitting
| EKU-ID: 30032 | CVE: CVE-2004-1564;OSVDB-10461 | OSVDB-ID: |
| Author: Alexander Antipov | Published: 2004-09-30 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 30032 | CVE: CVE-2004-1564;OSVDB-10461 | OSVDB-ID: |
| Author: Alexander Antipov | Published: 2004-09-30 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/11283/info Multiple vulnerabilities are reported to affect the application. These issues arise due to insufficient sanitization of user-supplied data. A remote attacker may leverage these vulnerabilities to carry out SQL injection, cross-site scripting, and HTTP response splitting attacks. These issues were identified in W-Agora 4.1.6a, however, it is possible that other versions are also affected. /subscribe_thread.php?site=support&bn=support_in