Web-app.org : Security Vulnerabilities, CVEs, Published In April 2007

CVE-2007-1832

web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to upload certain files (1) via a crafted filename or (2) by "using percent encoding in forms."
Max CVSS
5.0
EPSS Score
1.07%
Published
2007-04-03
Updated
2011-03-08

CVE-2007-1831

web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to open files and write "wrong data" via a crafted QUERY_STRING.
Max CVSS
6.0
EPSS Score
0.71%
Published
2007-04-03
Updated
2011-03-08

CVE-2007-1830

Unspecified vulnerability in the Username Hijacking Patch 20070312 for web-app.org WebAPP 0.9.9.6 allows remote attackers to obtain administrative access via unknown vectors, related to "something overlooked in the original that was still overlooked in the patch", and possibly related to copying files to the user-lib and the "XSS and cookies exploit."
Max CVSS
4.3
EPSS Score
0.24%
Published
2007-04-03
Updated
2008-11-13

CVE-2007-1828

Multiple cross-site scripting (XSS) vulnerabilities in web-app.org WebAPP before 0.9.9.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the QUERY_STRING corresponding to drop downs or (2) various forms.
Max CVSS
3.5
EPSS Score
0.14%
Published
2007-04-03
Updated
2011-03-08

CVE-2007-1827

Multiple unspecified vulnerabilities in form input validation in web-app.org WebAPP before 0.9.9.6 allow remote authenticated users to corrupt data files, gain access to private files, and execute arbitrary code via "certain characters."
Max CVSS
6.0
EPSS Score
3.00%
Published
2007-04-03
Updated
2011-03-08
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close