Unrated severityNVD Advisory· Published Mar 2, 2007· Updated Jun 16, 2026
CVE-2007-1177
CVE-2007-1177
Description
WebAPP before 0.9.9.5 does not properly filter certain characters in contexts related to (1) the query string, (2) Profiles, (3) the Forum Post icon field, (4) the Edit Profile, and (5) the Gallery, which has unknown impact and remote attack vectors, possibly related to cross-site scripting (XSS).
Affected products
9cpe:2.3:a:web-app.org:webapp:0.9.9:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:web-app.org:webapp:0.9.9:*:*:*:*:*:*:*
- cpe:2.3:a:web-app.org:webapp:0.9.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:web-app.org:webapp:0.9.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:web-app.org:webapp:0.9.9.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:web-app.org:webapp:0.9.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:web-app.org:webapp:0.9.9.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:web-app.org:webapp:0.9.9.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:web-app.org:webapp:0.9.9.4:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
8- secunia.com/advisories/24080nvdPatchVendor Advisory
- www.securityfocus.com/bid/22563nvdPatchVendor Advisory
- osvdb.org/33277nvd
- osvdb.org/33283nvd
- osvdb.org/33286nvd
- osvdb.org/33287nvd
- www.vupen.com/english/advisories/2007/0604nvd
- www.web-app.org/cgi-bin/index.cginvd
News mentions
0No linked articles in our index yet.