Page 6 of 36 results (0.010 seconds)

CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0

WebAPP before 0.9.9.5 passes (1) Unused Informations and (2) the username through Edit Profile forms, which has unknown impact and attack vectors. WebAPP anterior a 0.9.9.5 (1) las informaciones inusitadas y (2) el username a través formularios de Edición del perfil, tiene vectores de impacto desconocidos y vectores de ataque. • http://osvdb.org/33291 http://secunia.com/advisories/24080 http://www.securityfocus.com/bid/22563 http://www.vupen.com/english/advisories/2007/0604 http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250 •

CVSS: 7.5EPSS: 1%CPEs: 8EXPL: 0

WebAPP before 0.9.9.5 allows remote attackers to submit Search form input that is not checked for (1) composition or (2) length, which has unknown impact, possibly related to "search form hijacking". WebAPP anterior a 0.9.9.5 permite a atacantes remotos enviar el formularios de entrada de búsqueda que no son validados para (1) composition o(2) length, lo cual tiene un impacto desconocido, posiblemente relacionado con "secuestro de formulario de búsqueda". • http://osvdb.org/33299 http://secunia.com/advisories/24080 http://www.securityfocus.com/bid/22563 http://www.vupen.com/english/advisories/2007/0604 http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250 •

CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0

The (1) Search, (2) Edit Profile, (3) Recommend, and (4) User Approval forms in WebAPP before 0.9.9.5 use hidden inputs, which has unknown impact and remote attack vectors. Los formularios de (1) Search, (2) Edit de Perfil,(3) Recommend, y (4) User Approval en WebAPP anterior a 0.9.9.5 utilizan enrtadas oculta, lo cual tiene un impacto desconocido y vectores de ataque remotos. • http://osvdb.org/33295 http://secunia.com/advisories/24080 http://www.securityfocus.com/bid/22563 http://www.vupen.com/english/advisories/2007/0604 http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250 •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

WebAPP before 0.9.9.5 allows remote authenticated users, without admin privileges, to obtain sensitive information via (1) the Forum Archive feature and (2) Recent Searches. WebAPP anterior a 0.9.9.5 permite a usuarios validados, sin privilegios de administrador, obtener información sensible a través de la característica Forum Archive y (2) Busquedas recientes. • http://osvdb.org/33281 http://osvdb.org/33298 http://secunia.com/advisories/24080 http://www.securityfocus.com/bid/22563 http://www.vupen.com/english/advisories/2007/0604 http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

WebAPP before 0.9.9.5 does not check referrers in certain forms, which might facilitate remote cross-site request forgery (CSRF) attacks or have other unknown impact. WebAPP anterior a 0.9.9.5 no comprueba referenciadores en ciertos formularios, lo cual podría facilitar ataques de falsificación de petición en sitios cruzados (CSRF) o tener otros impactos desconocidos. • http://osvdb.org/33285 http://secunia.com/advisories/24080 http://www.securityfocus.com/bid/22563 http://www.vupen.com/english/advisories/2007/0604 http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250 •