CVE-2007-1177
Severity Score
5.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
WebAPP before 0.9.9.5 does not properly filter certain characters in contexts related to (1) the query string, (2) Profiles, (3) the Forum Post icon field, (4) the Edit Profile, and (5) the Gallery, which has unknown impact and remote attack vectors, possibly related to cross-site scripting (XSS).
WebAPP anterior a 0.9.9.5 no filtra de forma adecuada ciertos caracteres en contextos relacionados en (1) la cadena query, (2)Profiles, (3)el icono del campo de Post del Forum, (4)el perfil de editor, y (5) Gallery, lo caul tiene un impacto desconocido y vectores de ataque remoto, posiblemente relacionado con secuencias de comandos en sitios cruzados (XSS).
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-02-28 CVE Reserved
- 2007-02-28 CVE Published
- 2024-04-25 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/33277 | Vdb Entry | |
| http://osvdb.org/33283 | Vdb Entry | |
| http://osvdb.org/33286 | Vdb Entry | |
| http://osvdb.org/33287 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/0604 | Vdb Entry | |
| http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/24080 | 2011-03-08 | |
| http://www.securityfocus.com/bid/22563 | 2011-03-08 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Web-app.org Search vendor "Web-app.org" | Webapp Search vendor "Web-app.org" for product "Webapp" | 0.9.9 Search vendor "Web-app.org" for product "Webapp" and version "0.9.9" | - |
Affected
| ||||||
| Web-app.org Search vendor "Web-app.org" | Webapp Search vendor "Web-app.org" for product "Webapp" | 0.9.9.1 Search vendor "Web-app.org" for product "Webapp" and version "0.9.9.1" | - |
Affected
| ||||||
| Web-app.org Search vendor "Web-app.org" | Webapp Search vendor "Web-app.org" for product "Webapp" | 0.9.9.2 Search vendor "Web-app.org" for product "Webapp" and version "0.9.9.2" | - |
Affected
| ||||||
| Web-app.org Search vendor "Web-app.org" | Webapp Search vendor "Web-app.org" for product "Webapp" | 0.9.9.2.1 Search vendor "Web-app.org" for product "Webapp" and version "0.9.9.2.1" | - |
Affected
| ||||||
| Web-app.org Search vendor "Web-app.org" | Webapp Search vendor "Web-app.org" for product "Webapp" | 0.9.9.3 Search vendor "Web-app.org" for product "Webapp" and version "0.9.9.3" | - |
Affected
| ||||||
| Web-app.org Search vendor "Web-app.org" | Webapp Search vendor "Web-app.org" for product "Webapp" | 0.9.9.3.1 Search vendor "Web-app.org" for product "Webapp" and version "0.9.9.3.1" | - |
Affected
| ||||||
| Web-app.org Search vendor "Web-app.org" | Webapp Search vendor "Web-app.org" for product "Webapp" | 0.9.9.3.2 Search vendor "Web-app.org" for product "Webapp" and version "0.9.9.3.2" | - |
Affected
| ||||||
| Web-app.org Search vendor "Web-app.org" | Webapp Search vendor "Web-app.org" for product "Webapp" | 0.9.9.4 Search vendor "Web-app.org" for product "Webapp" and version "0.9.9.4" | - |
Affected
| ||||||