#SIAADV-08-001 - W-Agora web publishing and forum Cross Site Scripting
--------------------------------------------------------------------------

Author: Daniel Medianero García ( dmedianero @ sia.es )
Vendor: W-Agora - http://www.w-agora.net
Impact: Cross Site Scripting
URL: http://www.514.es

Affected applications:
----------------------
- w-Agora : web publishing and forum software

Affected versions:
------------------
- W-Agora 4.2.1

Affected Operating systems:
---------------------------
- Cross-platform (Web Application written in PHP)

Unaffected versions:
--------------------
- Currently none

Product overview:
-----------------
W-agora (http://www.w-agora.net) is a web publishing and discussion forum system, fully customizable to the needs of the user, and open source for free modification and distribution. Installation and setup is quick and easy.

Vulnerability Description:
--------------------------
Multiple vulnerabilities have been identified which could be exploited by attackers to execute arbitrary scripting code. These issues are caused by input validation errors in the "admin_user.php" script when processing the "userid" and "pattern" parameters, which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected Web site.

Technical Details:
------------------
These vulnerabilities can be exploited by tampering with the mentioned parameters and replacing their values with an XSS attack vector.

Solution:
---------
There is currently no version that corrects this flaw. Installing ModSecurity with anti-XSS rules is recommended.

Timeline:
---------
24/09/2007 - Vulnerability discovered - First notification to W-Agora Software - Bug opened in Bugtrack # 1863010
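The root cause described above (parameter values written back into the page without validation or encoding) and the fix a maintainer would apply are shown in the following PHP example. It is an added illustration, not W-Agora's admin_user.php code; the rendering functions, the $userid / $pattern variables and the assumed user-id format are hypothetical, and only the parameter names come from the advisory. The sample inputs are constructed and carry only harmless markup, enough to show whether the output stays inert.

```php
<?php
// Added example (not W-Agora code): reflecting request parameters safely.
// The names userid and pattern mirror the advisory; the functions are hypothetical.

declare(strict_types=1);

// Vulnerable pattern: the raw parameter value is concatenated into HTML,
// so any markup or quote in it becomes part of the page (reflected XSS).
function render_user_filter_unsafe(string $userid, string $pattern): string
{
    return '<input name="userid" value="' . $userid . '">'
         . '<p>Results for pattern: ' . $pattern . '</p>';
}

// Output encoding for HTML text and attribute contexts.
// ENT_QUOTES encodes both quote styles (required inside attribute values),
// ENT_SUBSTITUTE replaces invalid byte sequences instead of returning "",
// and the explicit charset avoids encoding mismatches between PHP and the page.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened pattern: every value is encoded at the point of insertion.
function render_user_filter_safe(string $userid, string $pattern): string
{
    return '<input name="userid" value="' . h($userid) . '">'
         . '<p>Results for pattern: ' . h($pattern) . '</p>';
}

// Complementary input validation: a user id has a known shape, so reject
// anything else before it is processed (assumed shape: 1-32 chars of [A-Za-z0-9_-]).
// Encoding on output is still needed; validation alone does not cover "pattern",
// which is free text by design.
function valid_userid(string $userid): bool
{
    return (bool) preg_match('/^[A-Za-z0-9_-]{1,32}$/', $userid);
}

// Constructed sample inputs: a quote that closes the attribute, plus harmless <b> markup.
$userid  = '"><b>x</b>';
$pattern = '<b>x</b>';

echo "unsafe: " . render_user_filter_unsafe($userid, $pattern) . "\n";
echo "safe:   " . render_user_filter_safe($userid, $pattern) . "\n";
echo "valid_userid: " . var_export(valid_userid($userid), true) . "\n";
```

Run from the command line with `php example.php`. The unsafe line shows the quote terminating the value attribute and the `<b>` element landing in the page as live markup; the safe line shows the same input rendered as `&quot;&gt;&lt;b&gt;x&lt;/b&gt;`, which the browser displays literally, and valid_userid rejects the value outright. A ModSecurity rule set, as the advisory suggests, is a useful stopgap in front of an unpatched install, but the durable fix is the encoding at each output point shown here.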