CVE Vulnerabilities

CVE-2001-1199

Published: Dec 17, 2001 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.

Affected Software

Name Vendor Start Version End Version
Agora.cgi Steve_kneizys 3.2 3.2
Agora.cgi Steve_kneizys 3.2a 3.2a
Agora.cgi Steve_kneizys 3.2b 3.2b
Agora.cgi Steve_kneizys 3.2c 3.2c
Agora.cgi Steve_kneizys 3.2d 3.2d
Agora.cgi Steve_kneizys 3.2e 3.2e
Agora.cgi Steve_kneizys 3.2f 3.2f
Agora.cgi Steve_kneizys 3.2g 3.2g
Agora.cgi Steve_kneizys 3.2h 3.2h
Agora.cgi Steve_kneizys 3.2i 3.2i
Agora.cgi Steve_kneizys 3.2j 3.2j
Agora.cgi Steve_kneizys 3.2ja 3.2ja
Agora.cgi Steve_kneizys 3.2k 3.2k
Agora.cgi Steve_kneizys 3.2l 3.2l
Agora.cgi Steve_kneizys 3.2m 3.2m
Agora.cgi Steve_kneizys 3.2n 3.2n
Agora.cgi Steve_kneizys 3.2p 3.2p
Agora.cgi Steve_kneizys 3.2q 3.2q
Agora.cgi Steve_kneizys 3.2r 3.2r
Agora.cgi Steve_kneizys 3.3a 3.3a
Agora.cgi Steve_kneizys 3.3b 3.3b
Agora.cgi Steve_kneizys 3.3c 3.3c
Agora.cgi Steve_kneizys 3.3d 3.3d
Agora.cgi Steve_kneizys 3.3e 3.3e
Agora.cgi Steve_kneizys 3.3f 3.3f
Agora.cgi Steve_kneizys 3.3i 3.3i
Agora.cgi Steve_kneizys 3.3j 3.3j
Agora.cgi Steve_kneizys 4.0 4.0
Agora.cgi Steve_kneizys 4.0a 4.0a
Agora.cgi Steve_kneizys 4.0b 4.0b
Agora.cgi Steve_kneizys 4.0c 4.0c
Agora.cgi Steve_kneizys 4.0d 4.0d

References