CVE-2007-1605

Name of the Vulnerable Software and Affected Versions w-Agora (Web-Agora) (affected versions not specified)

Description The issue allows remote attackers to obtain sensitive information via various requests to different PHP files, including rss.php, index.php, profile.php, and search.php, with specific parameter values or empty parameters, such as site, bn, site[], sort[], pattern[], or search date[]. These requests can reveal the path in error messages, possibly due to variable type inconsistencies.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.