CVE-2002-1878

w-Agora 4.1.3 - RCE

Title source: llm

PHP remote file inclusion vulnerability in w-Agora 4.1.3 allows remote attackers to execute arbitrary PHP code via the inc_dir parameter.

exploitdb WORKING POC VERIFIED

by frog · textwebappsphp

Core 5

Core References

Various Sources x_refsource_confirm

Exploit vdb-entry x_refsource_bid

Patch vdb-entry x_refsource_xf

Exploit mailing-list x_refsource_bugtraq

Exploit x_refsource_misc

EPSS 0.0318

EPSS Percentile 87.0%

Status published

Products (3)

w-agora/w-agora 4.1.1

w-agora/w-agora 4.1.2

w-agora/w-agora 4.1.3

Published Dec 31, 2002

Tracked Since Feb 18, 2026