W-Agora: Multiple Vulnerabilities

Users of W-Agora please be advised of Multiple Vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

W-Agora-SA-10/22/2010: Vulnerabilities in W-Agora

Affected products:


Vulnerable are W-Agora 4.2.1 and previous versions.

I want to warn you about Cross-Site Scripting and Local File Inclusion

vulnerabilities in W-Agora. In addition to vulnerabilities in this system

which I found and disclosed in 2006 (SecurityVulns ID: 6960).Read more at http://www.criticalwatch.com