CVE-2007-1177

WebAPP before 0.9.9.5 does not properly filter certain characters in contexts related to (1) the query string, (2) Profiles, (3) the Forum Post icon field, (4) the Edit Profile, and (5) the Gallery, which has unknown impact and remote attack vectors, possibly related to cross-site scripting (XSS).
Configurations

Configuration 1

OR cpe:2.3:a:web-app.org:webapp:0.9.9:*:*:*:*:*:*:*
cpe:2.3:a:web-app.org:webapp:0.9.9.1:*:*:*:*:*:*:*
cpe:2.3:a:web-app.org:webapp:0.9.9.2:*:*:*:*:*:*:*
cpe:2.3:a:web-app.org:webapp:0.9.9.2.1:*:*:*:*:*:*:*
cpe:2.3:a:web-app.org:webapp:0.9.9.3:*:*:*:*:*:*:*
cpe:2.3:a:web-app.org:webapp:0.9.9.3.1:*:*:*:*:*:*:*
cpe:2.3:a:web-app.org:webapp:0.9.9.3.2:*:*:*:*:*:*:*
cpe:2.3:a:web-app.org:webapp:0.9.9.4:*:*:*:*:*:*:*

History

21 Nov 2024, 00:27

Type | Values Removed | Values Added
References | () http://osvdb.org/33277 - | () http://osvdb.org/33277 -
References | () http://osvdb.org/33283 - | () http://osvdb.org/33283 -
References | () http://osvdb.org/33286 - | () http://osvdb.org/33286 -
References | () http://osvdb.org/33287 - | () http://osvdb.org/33287 -
References | () http://secunia.com/advisories/24080 - Patch, Vendor Advisory | () http://secunia.com/advisories/24080 - Patch, Vendor Advisory
References | () http://www.securityfocus.com/bid/22563 - Patch, Vendor Advisory | () http://www.securityfocus.com/bid/22563 - Patch, Vendor Advisory
References | () http://www.vupen.com/english/advisories/2007/0604 - | () http://www.vupen.com/english/advisories/2007/0604 -
References | () http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250 - | () http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250 -

Information

Published : 2007-03-02 21:18

Updated : 2024-11-21 00:27


NVD link : CVE-2007-1177

Mitre link : CVE-2007-1177

CVE.ORG link : CVE-2007-1177


Products Affected

web-app.org

  • webapp