Unrated severityNVD Advisory· Published Mar 2, 2007· Updated Apr 23, 2026

CVE-2007-1177

Description

WebAPP before 0.9.9.5 does not properly filter certain characters in contexts related to (1) the query string, (2) Profiles, (3) the Forum Post icon field, (4) the Edit Profile, and (5) the Gallery, which has unknown impact and remote attack vectors, possibly related to cross-site scripting (XSS).

Affected products

Web App.org/Webapp8 versions
cpe:2.3:a:web-app.org:webapp:0.9.9:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:web-app.org:webapp:0.9.9:*:*:*:*:*:*:*
- cpe:2.3:a:web-app.org:webapp:0.9.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:web-app.org:webapp:0.9.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:web-app.org:webapp:0.9.9.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:web-app.org:webapp:0.9.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:web-app.org:webapp:0.9.9.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:web-app.org:webapp:0.9.9.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:web-app.org:webapp:0.9.9.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/24080nvdPatchVendor Advisory
www.securityfocus.com/bid/22563nvdPatchVendor Advisory
osvdb.org/33277nvd
osvdb.org/33283nvd
osvdb.org/33286nvd
osvdb.org/33287nvd
www.vupen.com/english/advisories/2007/0604nvd
www.web-app.org/cgi-bin/index.cginvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000