Vulnerabilities > CVE-2007-1185 - Remote vulnerability in Webapp.Org Webapp

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

web-app-org

NVD

Published: 2007-03-02

Updated: 2011-03-08

Summary

The (1) Search, (2) Edit Profile, (3) Recommend, and (4) User Approval forms in WebAPP before 0.9.9.5 use hidden inputs, which has unknown impact and remote attack vectors.

Vulnerable Configurations

Part	Description	Count
Application	Web-App.Org WEB App.Org Webapp 0.9.9 WEB App.Org Webapp 0.9.9.1 WEB App.Org Webapp 0.9.9.2 WEB App.Org Webapp 0.9.9.2.1 WEB App.Org Webapp 0.9.9.3 WEB App.Org Webapp 0.9.9.3.1 WEB App.Org Webapp 0.9.9.3.2 WEB App.Org Webapp 0.9.9.4	8

References

http://osvdb.org/33295
http://secunia.com/advisories/24080
http://www.securityfocus.com/bid/22563
http://www.vupen.com/english/advisories/2007/0604
http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250