Vulnerabilities > CVE-2007-3418 - Unspecified vulnerability in Web-App.Org Webapp

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

web-app-org

NVD

Published: 2007-06-26

Updated: 2024-11-21

Summary

The displaypost function in cgi-bin/cgi-lib/forum_display.pl in web-app.org WebAPP before 0.9.9.7 does not display usernames in conjunction with real names, which makes it easier for remote authenticated users to impersonate other users.

Vulnerable Configurations

Part	Description	Count
Application	Web-App.Org WEB App.Org Webapp *	1

References

http://osvdb.org/45399
http://osvdb.org/45399
http://www.web-app.org/cgi-bin/index.cgi?action=forum&board=how_to&op=display&num=9458
http://www.web-app.org/cgi-bin/index.cgi?action=forum&board=how_to&op=display&num=9458
http://www.web-app.org/downloads/WebAPPv0.9.9.7.zip
http://www.web-app.org/downloads/WebAPPv0.9.9.7.zip