CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0CVE-2007-1185
https://notcve.org/view.php?id=CVE-2007-1185
The (1) Search, (2) Edit Profile, (3) Recommend, and (4) User Approval forms in WebAPP before 0.9.9.5 use hidden inputs, which has unknown impact and remote attack vectors. Los formularios de (1) Search, (2) Edit de Perfil,(3) Recommend, y (4) User Approval en WebAPP anterior a 0.9.9.5 utilizan enrtadas oculta, lo cual tiene un impacto desconocido y vectores de ataque remotos. • http://osvdb.org/33295 http://secunia.com/advisories/24080 http://www.securityfocus.com/bid/22563 http://www.vupen.com/english/advisories/2007/0604 http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2007-1187
https://notcve.org/view.php?id=CVE-2007-1187
WebAPP before 0.9.9.5 allows remote authenticated users, without admin privileges, to obtain sensitive information via (1) the Forum Archive feature and (2) Recent Searches. WebAPP anterior a 0.9.9.5 permite a usuarios validados, sin privilegios de administrador, obtener información sensible a través de la característica Forum Archive y (2) Busquedas recientes. • http://osvdb.org/33281 http://osvdb.org/33298 http://secunia.com/advisories/24080 http://www.securityfocus.com/bid/22563 http://www.vupen.com/english/advisories/2007/0604 http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2007-1180
https://notcve.org/view.php?id=CVE-2007-1180
WebAPP before 0.9.9.5 does not check referrers in certain forms, which might facilitate remote cross-site request forgery (CSRF) attacks or have other unknown impact. WebAPP anterior a 0.9.9.5 no comprueba referenciadores en ciertos formularios, lo cual podría facilitar ataques de falsificación de petición en sitios cruzados (CSRF) o tener otros impactos desconocidos. • http://osvdb.org/33285 http://secunia.com/advisories/24080 http://www.securityfocus.com/bid/22563 http://www.vupen.com/english/advisories/2007/0604 http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-1178
https://notcve.org/view.php?id=CVE-2007-1178
WebAPP before 0.9.9.5 does not check access in certain contexts related to (1) Calendar Administration, (2) Instant Messages Administration, and (3) the Image Uploader, which has unknown impact and attack vectors. WebAPP anterior a 0.9.9.5 no valida el acceso en ciertos contextos relacionado con (1) Calendar Administration, (2) Instant Messages Administration, y (3) Image Uploader, lo cual tiene un impacto desconocido y vectores de ataque, • http://osvdb.org/33279 http://osvdb.org/33282 http://secunia.com/advisories/24080 http://www.securityfocus.com/bid/22563 http://www.vupen.com/english/advisories/2007/0604 http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250 •
CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0CVE-2007-1184
https://notcve.org/view.php?id=CVE-2007-1184
The default configuration of WebAPP before 0.9.9.5 has a CAPTCHA setting of "no," which makes it easier for automated programs to submit false data. La configuración por defecto de WebAPP anterio a 0.9.9.5 tiene una configuración CAPTCHA de "no," lo cual face facil para programas automáticos enviar datos falsos. • http://osvdb.org/33294 http://secunia.com/advisories/24080 http://www.securityfocus.com/bid/22563 http://www.vupen.com/english/advisories/2007/0604 http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250 • CWE-16: Configuration •