Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses : XSS --> Category: infos

w-Agora Multiple Input Validation Vulnerabilities Vulnerability Scan

Vulnerability Scan Summary
Checks for vulnerabilities in w-Agora

Detailed Explanation for this Vulnerability Test

The remote host is running w-agora, a web-based forum management software
written in PHP.

There are multiple input validation flaws in the remote version of this
software :

- There is an SQL injection vulnerability in the file 'redir_url.php' which
may allow a possible hacker to execute arbitrary SQL statements in the remote

- There is a cross site scripting issue which may allow a possible hacker to
steal the cookies of the legitimate users of the remote site by sending them
a specially malformed link

- There is an HTTP response splitting vulnerability which may also allow
a possible hacker to perform cross-site scripting attacks against the remote host.

Solution : Upgrade to the newest version of this software
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.