Vulnerability Details CVE-2007-1188
WebAPP before 0.9.9.5 allows remote attackers to submit Search form input that is not checked for (1) composition or (2) length, which has unknown impact, possibly related to "search form hijacking".
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/33299
- http://secunia.com/advisories/24080
- http://www.securityfocus.com/bid/22563
- http://www.vupen.com/english/advisories/2007/0604
- http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250
- http://osvdb.org/33299
- http://secunia.com/advisories/24080
- http://www.securityfocus.com/bid/22563
- http://www.vupen.com/english/advisories/2007/0604
- http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250
Products affected by CVE-2007-1188
-
cpe:2.3:a:web-app.org:webapp:0.9.9
-
cpe:2.3:a:web-app.org:webapp:0.9.9.1
-
cpe:2.3:a:web-app.org:webapp:0.9.9.2
-
cpe:2.3:a:web-app.org:webapp:0.9.9.2.1
-
cpe:2.3:a:web-app.org:webapp:0.9.9.3
-
cpe:2.3:a:web-app.org:webapp:0.9.9.3.1
-
cpe:2.3:a:web-app.org:webapp:0.9.9.3.2
-
cpe:2.3:a:web-app.org:webapp:0.9.9.4