CVE-2002-1878

w-Agora 4.1.3 - RCE

Title source: llm

Description

PHP remote file inclusion vulnerability in w-Agora 4.1.3 allows remote attackers to execute arbitrary PHP code via the inc_dir parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by frog · textwebappsphp
https://www.exploit-db.com/exploits/21529

References (5)

Scores

EPSS 0.0293
EPSS Percentile 86.2%

Classification

Status draft

Affected Products (3)

w-agora/w-agora
w-agora/w-agora
w-agora/w-agora

Timeline

Published Dec 31, 2002
Tracked Since Feb 18, 2026