VYPR
Unrated severityNVD Advisory· Published Jun 26, 2007· Updated Jun 16, 2026

CVE-2007-3419

CVE-2007-3419

Description

The editprofile3 function in cgi-bin/cgi-lib/user.pl in web-app.org WebAPP before 0.9.9.7 does not properly check the (1) themes.dat, (2) languages.dat, (3) profession.dat, (4) gen.dat, (5) marstat.dat, (6) states.dat, and (7) ages.dat files before saving profile settings of members, which has unknown impact and remote attack vectors.

Affected products

2
  • cpe:2.3:a:web-app.org:webapp:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:web-app.org:webapp:*:*:*:*:*:*:*:*range: <=0.9.9.6
    • (no CPE)range: <0.9.9.7

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.