Vulnerabilities > CVE-2007-1827 - Remote Security vulnerability in WebAPP

CVSS 6.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

web-app-org

NVD

Published: 2007-04-03

Updated: 2011-03-08

Summary

Multiple unspecified vulnerabilities in form input validation in web-app.org WebAPP before 0.9.9.6 allow remote authenticated users to corrupt data files, gain access to private files, and execute arbitrary code via "certain characters."

Vulnerable Configurations

Part	Description	Count
Application	Web-App.Org WEB App.Org Webapp 0.9.9 WEB App.Org Webapp 0.9.9.1 WEB App.Org Webapp 0.9.9.2 WEB App.Org Webapp 0.9.9.2.1 WEB App.Org Webapp 0.9.9.3 WEB App.Org Webapp 0.9.9.3.1 WEB App.Org Webapp 0.9.9.3.2 WEB App.Org Webapp 0.9.9.3.3 WEB App.Org Webapp 0.9.9.3.4 WEB App.Org Webapp 0.9.9.3.5 WEB App.Org Webapp 0.9.9.4 WEB App.Org Webapp 0.9.9.5	12

References

http://osvdb.org/45396
http://secunia.com/advisories/24227
http://www.attrition.org/pipermail/vim/2007-March/001455.html
http://www.vupen.com/english/advisories/2007/0720
http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=252
http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=254