Path Disclosure Vulnerability in Agora.cgi Debug Mode

Path Disclosure Vulnerability in Agora.cgi Debug Mode

CVE-2002-0215 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message.

Learn more about our Web Application Penetration Testing UK.