Steve Kneizys Agora.Cgi vulnerabilities
2 known vulnerabilities affecting steve_kneizys/agora.cgi.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2001-1199P4HIGHCVSS 7.5PoCv3.2v3.2a+30 more2001-12-17
CVE-2001-1199 [HIGH] CVE-2001-1199: Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enab
Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.
nvd
CVE-2002-0215P4MEDIUMCVSS 5.0PoCv3.2v3.2a+31 more2002-05-16
CVE-2002-0215 [MEDIUM] CVE-2002-0215: Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathnam
Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message.
nvd