Unrated severityNVD Advisory· Published Jun 26, 2007· Updated Jun 16, 2026
CVE-2007-3419
CVE-2007-3419
Description
The editprofile3 function in cgi-bin/cgi-lib/user.pl in web-app.org WebAPP before 0.9.9.7 does not properly check the (1) themes.dat, (2) languages.dat, (3) profession.dat, (4) gen.dat, (5) marstat.dat, (6) states.dat, and (7) ages.dat files before saving profile settings of members, which has unknown impact and remote attack vectors.
Affected products
2cpe:2.3:a:web-app.org:webapp:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:web-app.org:webapp:*:*:*:*:*:*:*:*range: <=0.9.9.6
- (no CPE)range: <0.9.9.7
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.