CVE-2004-1564

Published: Dec 31, 2004Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

CRLF injection vulnerability in subscribe_thread.php in w-Agora 4.1.6a allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the thread parameter.

Affected (1)

Products: W Agora: W Agora

W Agora

1 product

W Agora

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
W Agora W Agora	Version 4.1.6a

References (12)

http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/027040.html

Source: cve@mitre.org

ExploitVendor Advisory

http://marc.info/?l=bugtraq&m=109655691512298&w=2

Source: cve@mitre.org

http://secunia.com/advisories/12695

Source: cve@mitre.org

PatchVendor Advisory

http://securitytracker.com/id?1011463

Source: cve@mitre.org

http://www.securityfocus.com/bid/11283

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/17558

Source: cve@mitre.org

http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/027040.html