Filtered by vendor Steve Kneizys Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2002-0215 1 Steve Kneizys 1 Agora.cgi 2024-11-20 N/A
Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message.
CVE-2001-1199 1 Steve Kneizys 1 Agora.cgi 2024-11-20 N/A
Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.