Unrated severityNVD Advisory· Published Jun 26, 2007· Updated Apr 23, 2026

CVE-2007-3419

Description

The editprofile3 function in cgi-bin/cgi-lib/user.pl in web-app.org WebAPP before 0.9.9.7 does not properly check the (1) themes.dat, (2) languages.dat, (3) profession.dat, (4) gen.dat, (5) marstat.dat, (6) states.dat, and (7) ages.dat files before saving profile settings of members, which has unknown impact and remote attack vectors.

Affected products

Web App.org/Webapp
cpe:2.3:a:web-app.org:webapp:*:*:*:*:*:*:*:*
Range: <=0.9.9.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.web-app.org/downloads/WebAPPv0.9.9.7.zipnvdPatch
osvdb.org/45400nvd
www.web-app.org/cgi-bin/index.cginvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000