Vulnerabilities > CVE-2007-1188 - Remote vulnerability in Webapp.Org Webapp

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

web-app-org

NVD

Published: 2007-03-02

Updated: 2011-03-08

Summary

WebAPP before 0.9.9.5 allows remote attackers to submit Search form input that is not checked for (1) composition or (2) length, which has unknown impact, possibly related to "search form hijacking".

Vulnerable Configurations

Part	Description	Count
Application	Web-App.Org WEB App.Org Webapp 0.9.9 WEB App.Org Webapp 0.9.9.1 WEB App.Org Webapp 0.9.9.2 WEB App.Org Webapp 0.9.9.2.1 WEB App.Org Webapp 0.9.9.3 WEB App.Org Webapp 0.9.9.3.1 WEB App.Org Webapp 0.9.9.3.2 WEB App.Org Webapp 0.9.9.4	8

References

http://osvdb.org/33299
http://secunia.com/advisories/24080
http://www.securityfocus.com/bid/22563
http://www.vupen.com/english/advisories/2007/0604
http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250